Make installer interactive for credential source selection
This commit is contained in:
@@ -15,7 +15,7 @@ output="$(cd "$ROOT" && sh install.sh --dry-run --non-interactive --minimal)"
|
||||
|
||||
printf '%s\n' "$output" | grep -q 'Detected state:'
|
||||
printf '%s\n' "$output" | grep -q 'Interactive prompts: off'
|
||||
printf '%s\n' "$output" | grep -q 'Modules: bitwarden=0 touchid=0 sudoers=1 shell=1 app=1 autostart=1'
|
||||
printf '%s\n' "$output" | grep -q 'Modules: credential_source=keychain bitwarden=0 touchid=0 sudoers=1 shell=1 app=1 autostart=1'
|
||||
printf '%s\n' "$output" | grep -q 'Проверяю Homebrew-зависимости'
|
||||
printf '%s\n' "$output" | grep -q 'Swift build может занять минуту'
|
||||
printf '%s\n' "$output" | grep -q 'sudo install -d -m 755 -o root -g wheel /usr/local/sbin'
|
||||
@@ -29,9 +29,38 @@ if printf '%s\n' "$output" | grep -q "$esc"; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if command -v expect >/dev/null 2>&1; then
|
||||
interactive_output="$(
|
||||
ROOT="$ROOT" expect <<'EXPECT'
|
||||
set timeout 30
|
||||
spawn sh $env(ROOT)/install.sh --dry-run --interactive --without-app --no-shell --no-sudoers
|
||||
expect "Как хранить VPN credentials?"
|
||||
expect "Выбор"
|
||||
send "2\r"
|
||||
expect eof
|
||||
EXPECT
|
||||
)"
|
||||
|
||||
printf '%s\n' "$interactive_output" | grep -q 'Как хранить VPN credentials?'
|
||||
printf '%s\n' "$interactive_output" | grep -q '1) Bitwarden'
|
||||
printf '%s\n' "$interactive_output" | grep -q '2) macOS Keychain: ввести LDAP password и TOTP seed сейчас'
|
||||
printf '%s\n' "$interactive_output" | grep -q '3) macOS Keychain: настрою вручную позже'
|
||||
printf '%s\n' "$interactive_output" | grep -q 'Modules: credential_source=keychain bitwarden=0 touchid=0 sudoers=0 shell=0 app=0 autostart=0'
|
||||
printf '%s\n' "$interactive_output" | grep -q "vpn-lemanapro.sh --configure-keychain"
|
||||
fi
|
||||
|
||||
status_json="$(bash "$ROOT/bin/vpn-lemanapro.sh" --status --json)"
|
||||
printf '%s\n' "$status_json" | grep -q '"modules":'
|
||||
printf '%s\n' "$status_json" | grep -q '"app":'
|
||||
|
||||
keychain_status_json="$(LEMANA_VPN_CREDENTIAL_SOURCE=keychain bash "$ROOT/bin/vpn-lemanapro.sh" --status --json)"
|
||||
printf '%s\n' "$keychain_status_json" | grep -q '"credentials":{"source":"keychain","keychain_ready":false}'
|
||||
printf '%s\n' "$keychain_status_json" | grep -q '"bitwarden":{"enabled":false'
|
||||
printf '%s\n' "$keychain_status_json" | grep -q '"touchid":{"enabled":false'
|
||||
|
||||
bitwarden_status_json="$(LEMANA_VPN_CREDENTIAL_SOURCE=bitwarden bash "$ROOT/bin/vpn-lemanapro.sh" --status --json)"
|
||||
printf '%s\n' "$bitwarden_status_json" | grep -q '"credentials":{"source":"bitwarden","keychain_ready":false}'
|
||||
printf '%s\n' "$bitwarden_status_json" | grep -q '"bitwarden":{"enabled":true'
|
||||
grep -q 'LemanaVPN-openconnect-lite.log' "$ROOT/bin/vpn-lemanapro.sh"
|
||||
grep -q '"event":"waiting"' "$ROOT/bin/vpn-lemanapro.sh"
|
||||
grep -q -- '--patch-only' "$ROOT/bin/vpn-lemanapro.sh"
|
||||
@@ -45,6 +74,8 @@ grep -q 'vpn-manual' "$ROOT/install.sh"
|
||||
grep -q 'connect(mode: .auto)' "$ROOT/app/Sources/LemanaVPN/LemanaVPNApp.swift"
|
||||
grep -q 'connect(mode: .manual)' "$ROOT/app/Sources/LemanaVPN/LemanaVPNApp.swift"
|
||||
grep -q 'enum VPNLaunchMode' "$ROOT/app/Sources/LemanaVPN/VPNManager.swift"
|
||||
grep -q 'struct Credentials: Decodable' "$ROOT/app/Sources/LemanaVPN/VPNManager.swift"
|
||||
grep -q 'credential_source' "$ROOT/app/Sources/LemanaVPN/VPNManager.swift"
|
||||
|
||||
fake_webengine="$TMP_DIR/webengine_process.py"
|
||||
fake_authenticator="$TMP_DIR/authenticator.py"
|
||||
@@ -190,7 +221,7 @@ set +e
|
||||
manual_output="$(
|
||||
HOME="$HOME" \
|
||||
LEMANA_VPN_USERNAME="$missing_user" \
|
||||
LEMANA_VPN_USE_BITWARDEN=0 \
|
||||
LEMANA_VPN_CREDENTIAL_SOURCE=keychain \
|
||||
bash "$ROOT/bin/vpn-lemanapro.sh" --json 2>&1
|
||||
)"
|
||||
manual_code=$?
|
||||
@@ -204,6 +235,28 @@ if printf '%s\n' "$manual_output" | grep -q 'Cleaning up VPN DNS'; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
fake_oc_python="$TMP_DIR/fake-oc-python"
|
||||
captured_totp="$TMP_DIR/captured-totp"
|
||||
cat > "$fake_oc_python" <<'SH'
|
||||
#!/bin/sh
|
||||
cat >/dev/null
|
||||
printf '%s\n' "${_VPN_TOTP_SECRET:-}" > "$LEMANA_VPN_CAPTURE_TOTP"
|
||||
SH
|
||||
chmod +x "$fake_oc_python"
|
||||
|
||||
configure_output="$(
|
||||
printf 'ldap-password\notpauth://totp/Lemana:test?secret=abcd2345efgh6723&issuer=Lemana\n' |
|
||||
HOME="$HOME" \
|
||||
LEMANA_VPN_USERNAME="lemana-configure-$$" \
|
||||
LEMANA_VPN_CREDENTIAL_SOURCE=keychain \
|
||||
LEMANA_VPN_OC_PYTHON="$fake_oc_python" \
|
||||
LEMANA_VPN_CAPTURE_TOTP="$captured_totp" \
|
||||
bash "$ROOT/bin/vpn-lemanapro.sh" --configure-keychain
|
||||
)"
|
||||
|
||||
printf '%s\n' "$configure_output" | grep -q 'Credentials are ready in macOS Keychain'
|
||||
grep -q '^ABCD2345EFGH6723$' "$captured_totp"
|
||||
|
||||
fake_pwd="$TMP_DIR/fake-pwd"
|
||||
mkdir -p "$fake_pwd/bin"
|
||||
printf 'stale local cli\n' > "$fake_pwd/bin/vpn-lemanapro.sh"
|
||||
|
||||
Reference in New Issue
Block a user