git.fiddlerwoaroof.com
Browse code

Add script for setting up dual_control for a user

This script checks to see if the qrencode program is available and, if
so, generates a qr code.

Ed Langley authored on 14/06/2017 21:58:27
Showing 1 changed files
setup_user_account.sh
History View file @ ee5e259
1 1 
new file mode 100644
... ... 
@@ -0,0 +1,65 @@
1 
+#!/usr/bin/env/bash -x
2 
+
3 
+DUAL_CONTROL="$(which dual_control)"
4 
+DUAL_CONTROL="${DUAL_CONTROL:-./dual_control}"
5 
+
6 
+get_key() {
7 
+  "$DUAL_CONTROL" | awk '$1 == "Key:" { print $2 }'
8 
+}
9 
+
10 
+get_token() {
11 
+  "$DUAL_CONTROL" | awk '$2 == "Token:" { print $3 }'
12 
+}
13 
+
14 
+qr() {
15 
+  local VAL=$1
16 
+  local MODE=${2:-ANSIUTF8}
17 
+  shift 2
18 
+
19 
+  qrencode -t $MODE $VAL
20 
+}
21 
+
22 
+get_url() {
23 
+  local user="$(whoami)"
24 
+  printf "otpauth://totp/${user}?secret=$1"
25 
+}
26 
+
27 
+main() {
28 
+  pushd "$(dirname $0)" > /dev/null
29 
+  local KEY="$(get_key)"
30 
+  local KEY_URL="$(get_url "$KEY")"
31 
+  local NONINTERACTIVE="$1"
32 
+
33 
+  if which qrencode > /dev/null; then
34 
+    qr $KEY_URL
35 
+  else
36 
+    echo "Run 'yum install qrencode' to get a QR code"
37 
+  fi
38 
+  echo
39 
+
40 
+  "$DUAL_CONTROL"
41 
+  local MORE
42 
+  while [[ -z "$NONINTERACTIVE" ]]; do
43 
+    read -r -p 'Another token [Y/n]? ' MORE
44 
+    MORE="${MORE:-y}"
45 
+    if [[ "${MORE/Y/y}" != 'y' ]]; then
46 
+      break
47 
+    fi
48 
+    get_token
49 
+  done
50 
+
51 
+  popd > /dev/null
52 
+}
53 
+
54 
+case "$1" in
55 
+  '-h')
56 
+  cat <<EOF
57 
+USAGE:
58 
+  $(basename $0) [--help]
59 
+  $(basename $0) [is_not_interactive]
60 
+EOF
61 
+  exit 0
62 
+  ;;
63 
+*)
64 
+  main "$1"
65 
+esac