whitequark.org / git-pages-cli
[mirror] Command-line application for uploading a site to a git-pages server
fork atom

Implement `--password-file`.

whitequark.org c25ae5e6 8568d4e9

+26 -2
unified split
+26 -2
main.go
··· 40 40 } 41 41 42 42 var passwordFlag = pflag.String("password", "", "password for DNS challenge authorization") 43 + var passwordFileFlag = pflag.String("password-file", "", "file with password for DNS challenge authorization") 43 44 var tokenFlag = pflag.String("token", "", "token for forge authorization") 44 45 var challengeFlag = pflag.Bool("challenge", false, "compute DNS challenge entry from password (output zone file record)") 45 46 var challengeBareFlag = pflag.Bool("challenge-bare", false, "compute DNS challenge entry from password (output bare TXT value)") ··· 226 227 os.Exit(0) 227 228 } 228 229 230 + if *passwordFlag != "" && *passwordFileFlag != "" { 231 + fmt.Fprintf(os.Stderr, "--password and --password-file are mutually exclusive") 232 + os.Exit(usageExitCode) 233 + } 234 + 229 235 if *passwordFlag != "" && *tokenFlag != "" { 230 236 fmt.Fprintf(os.Stderr, "--password and --token are mutually exclusive") 231 237 os.Exit(usageExitCode) 238 + } 239 + 240 + if *passwordFileFlag != "" { 241 + contents, err := os.ReadFile(*passwordFileFlag) 242 + if err != nil { 243 + fmt.Fprintf(os.Stderr, "error: invalid password file: %s\n", err) 244 + os.Exit(1) 245 + } 246 + // Trim all trailing newlines; there's no legitimate reason to have one in a password. 247 + *passwordFlag = strings.TrimRight(string(contents), "\n") 232 248 } 233 249 234 250 var pathPrefix string ··· 351 367 request.Header.Add("Race-Free", "no") // deprecated name, to be removed soon 352 368 } 353 369 } 370 + makeAuthorization := func(headerName string, kind string, value string) { 371 + if strings.ContainsAny(value, "\r\n") { 372 + fmt.Fprintf(os.Stderr, "error: invalid characters in %s header value: %q\n", 373 + headerName, value) 374 + os.Exit(1) 375 + } 376 + request.Header.Add(headerName, fmt.Sprintf("%s %s", kind, value)) 377 + } 354 378 switch { 355 379 case *passwordFlag != "": 356 - request.Header.Add("Authorization", fmt.Sprintf("Pages %s", *passwordFlag)) 380 + makeAuthorization("Authorization", "Pages", *passwordFlag) 357 381 case *tokenFlag != "": 358 - request.Header.Add("Forge-Authorization", fmt.Sprintf("token %s", *tokenFlag)) 382 + makeAuthorization("Forge-Authorization", "token", *tokenFlag) 359 383 } 360 384 if *serverFlag != "" { 361 385 // Send the request to `--server` host, but set the `Host:` header to the site host.