Add --auth-response option and expose through entrypoint.sh (#1628)

* This allows for the use of the `--auth-files` switch in the docker environment.

Co-authored-by: abraunegg <alex.braunegg@gmail.com>

contrib/docker/entrypoint.sh

@@ -1,6 +1,6 @@
 #!/bin/bash -eu
 
-set +H -xeuo pipefail
+set +H -euo pipefail
 
 : ${ONEDRIVE_UID:=$(stat /onedrive/data -c '%u')}
 : ${ONEDRIVE_GID:=$(stat /onedrive/data -c '%g')}
@@ -27,46 +27,67 @@ chown "${oduser}:${odgroup}" /onedrive/ /onedrive/conf
 
 # Default parameters
 ARGS=(--monitor --confdir /onedrive/conf --syncdir /onedrive/data)
+echo "Base Args: ${ARGS}"
 
 # Make Verbose output optional, based on an environment variable
 if [ "${ONEDRIVE_VERBOSE:=0}" == "1" ]; then
    echo "# We are being verbose"
+   echo "# Adding --verbose"
    ARGS=(--verbose ${ARGS[@]})
 fi
 
 # Tell client to perform debug output, based on an environment variable
 if [ "${ONEDRIVE_DEBUG:=0}" == "1" ]; then
    echo "# We are performing debug output"
+   echo "# Adding --verbose --verbose"
    ARGS=(--verbose --verbose ${ARGS[@]})
 fi
 
 # Tell client to perform HTTPS debug output, based on an environment variable
 if [ "${ONEDRIVE_DEBUG_HTTPS:=0}" == "1" ]; then
    echo "# We are performing HTTPS debug output"
+   echo "# Adding --debug-https"
    ARGS=(--debug-https ${ARGS[@]})
 fi
 
 # Tell client to perform a resync based on environment variable
 if [ "${ONEDRIVE_RESYNC:=0}" == "1" ]; then
    echo "# We are performing a --resync"
+   echo "# Adding --resync"
    ARGS=(--resync ${ARGS[@]})
 fi
 
 # Tell client to sync in download-only mode based on environment variable
 if [ "${ONEDRIVE_DOWNLOADONLY:=0}" == "1" ]; then
    echo "# We are synchronizing in download-only mode"
+   echo "# Adding --download-only"
    ARGS=(--download-only ${ARGS[@]})
 fi
 
 # Tell client to logout based on environment variable
 if [ "${ONEDRIVE_LOGOUT:=0}" == "1" ]; then
    echo "# We are logging out to perform a reauthentication"
+   echo "# Adding --logout"
    ARGS=(--logout ${ARGS[@]})
 fi
 
+# Tell client to utilize auth files at the provided locations based on environment variable
+if [ -n "${ONEDRIVE_AUTHFILES:=""}" ]; then
+   echo "# We are using auth files to perform authentication"
+   echo "# Adding --auth-files ARG"
+   ARGS=(--auth-files ${ONEDRIVE_AUTHFILES} ${ARGS[@]})
+fi
+
+# Tell client to utilize provided auth reponse based on environment variable
+if [ -n "${ONEDRIVE_AUTHRESPONSE:=""}" ]; then
+   echo "# We are providing the auth response directly to perform authentication"
+   echo "# Adding --auth-response ARG"
+   ARGS=(--auth-response \"${ONEDRIVE_AUTHRESPONSE}\" ${ARGS[@]})
+fi
 
 if [ ${#} -gt 0 ]; then
   ARGS=("${@}")
 fi
 
+echo "# Launching onedrive"
 exec gosu "${oduser}" /usr/local/bin/onedrive "${ARGS[@]}"

docs/Docker.md

@@ -195,6 +195,8 @@ docker run $firstRun --restart unless-stopped --name onedrive -v onedrive_conf:/
 | <B>ONEDRIVE_RESYNC</B> | Controls "--resync" switch on onedrive sync. Default is 0 | 1 |
 | <B>ONEDRIVE_DOWNLOADONLY</B> | Controls "--download-only" switch on onedrive sync. Default is 0 | 1 |
 | <B>ONEDRIVE_LOGOUT</B> | Controls "--logout" switch. Default is 0 | 1 |
+| <B>ONEDRIVE_AUTHFILES</B> | Controls "--auth-files" option. Default is "" | "authUrl:responseUrl" |
+| <B>ONEDRIVE_AUTHRESPONSE</B> | Controls "--auth-response" option. Default is "" | See [here](https://github.com/abraunegg/onedrive/blob/master/docs/USAGE.md#authorize-the-application-with-your-onedrive-account) |
 
 ### Usage Examples
 **Verbose Output:**

docs/USAGE.md

@@ -996,6 +996,8 @@ Options:
       Perform authorization via two files passed in as ARG in the format `authUrl:responseUrl`
       The authorization URL is written to the `authUrl`, then onedrive waits for the file `responseUrl`
       to be present, and reads the response from that file.
+  --auth-response ARG
+      Perform authentication not via interactive dialog but via providing the reponse url directly.
   --check-for-nomount
       Check for the presence of .nosync in the syncdir root. If found, do not perform sync.
   --check-for-nosync

src/config.d

@@ -289,6 +289,7 @@ final class Config
 		stringValues["single_directory"]  = "";
 		stringValues["source_directory"]  = "";
 		stringValues["auth_files"]        = "";
+		stringValues["auth_response"]     = "";
 		boolValues["display_config"]      = false;
 		boolValues["display_sync_status"] = false;
 		boolValues["print_token"]         = false;
@@ -312,6 +313,9 @@ final class Config
 				"auth-files",
 					"Perform authentication not via interactive dialog but via files read/writes to these files.",
 					&stringValues["auth_files"],
+				"auth-response",
+					"Perform authentication not via interactive dialog but via providing the reponse url directly.",
+					&stringValues["auth_response"],
 				"check-for-nomount",
 					"Check for the presence of .nosync in the syncdir root. If found, do not perform sync.",
 					&boolValues["check_nomount"],

src/onedrive.d

@@ -509,12 +509,10 @@ final class OneDriveApi
 		char[] response;
 		string url = authUrl ~ "?client_id=" ~ clientId ~ "&scope=Files.ReadWrite%20Files.ReadWrite.all%20Sites.Read.All%20Sites.ReadWrite.All%20offline_access&response_type=code&prompt=login&redirect_uri=" ~ redirectUrl;
 		string authFilesString = cfg.getValueString("auth_files");
-		if (authFilesString == "") {
-			log.log("Authorize this app visiting:\n");
-			write(url, "\n\n", "Enter the response uri: ");
-			readln(response);
-			cfg.applicationAuthorizeResponseUri = true;
-		} else {
+		string authResponseString = cfg.getValueString("auth_response");
+		if (authResponseString != "") {
+			response = cast(char[]) authResponseString;
+		} else if (authFilesString != "") {
 			string[] authFiles = authFilesString.split(":");
 			string authUrl = authFiles[0];
 			string responseUrl = authFiles[1];
@@ -542,6 +540,11 @@ final class OneDriveApi
 				log.error("Cannot remove files ", authUrl, " ", responseUrl);
 				return false;
 			}
+		} else {
+			log.log("Authorize this app visiting:\n");
+			write(url, "\n\n", "Enter the response uri: ");
+			readln(response);
+			cfg.applicationAuthorizeResponseUri = true;
 		}
 		// match the authorization code
 		auto c = matchFirst(response, r"(?:[\?&]code=)([\w\d-.]+)");