Convert Feedly and Mercury to use the new Secrets system.

This commit is contained in:
Maurice Parker 2019-11-27 17:20:09 -06:00
parent 748f4e64d3
commit 30f560be4d
5 changed files with 10 additions and 85 deletions

View File

@ -775,9 +775,7 @@
isa = PBXNativeTarget;
buildConfigurationList = 8489350A1F62485000CEBD24 /* Build configuration list for PBXNativeTarget "Account" */;
buildPhases = (
9E964EBB2375512300A7AF2E /* Run Script: Update OAuthAuthorizationClient+Feedly.swift */,
848934F11F62484F00CEBD24 /* Sources */,
9E964EBC2375517100A7AF2E /* Run Script: Reset OAuthAuthorizationClient+Feedly.swift */,
848934F21F62484F00CEBD24 /* Frameworks */,
848934F31F62484F00CEBD24 /* Headers */,
848934F41F62484F00CEBD24 /* Resources */,
@ -950,42 +948,6 @@
shellPath = /bin/sh;
shellScript = "xcrun -sdk macosx swiftc -target x86_64-macosx10.11 ../../buildscripts/VerifyNoBuildSettings.swift -o $CONFIGURATION_TEMP_DIR/VerifyNoBS\n$CONFIGURATION_TEMP_DIR/VerifyNoBS ${PROJECT_NAME}.xcodeproj/project.pbxproj\n";
};
9E964EBB2375512300A7AF2E /* Run Script: Update OAuthAuthorizationClient+Feedly.swift */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputFileListPaths = (
);
inputPaths = (
);
name = "Run Script: Update OAuthAuthorizationClient+Feedly.swift";
outputFileListPaths = (
);
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "FAILED=false\n\nif [ -z \"${FEEDLY_CLIENT_ID}\" ]; then\necho \"Missing Feedly Client ID\"\nFAILED=true\nfi\n\nif [ -z \"${FEEDLY_CLIENT_SECRET}\" ]; then\necho \"Missing Feedly Client Secret\"\nFAILED=true\nfi\n\nFEEDLY_CLIENT_SOURCE=\"${SRCROOT}/Feedly/OAuthAuthorizationClient+Feedly.swift\"\n\nif [ \"$FAILED\" = true ]; then\necho \"Missing Feedly client ID or secret. ${FEEDLY_CLIENT_SOURCE} not changed.\"\nexit 0\nfi\n\n# echo \"Substituting variables in: ${FEEDLY_CLIENT_SOURCE}\"\n\nif [ -e \"${FEEDLY_CLIENT_SOURCE}\" ]\nthen\n sed -i .tmp \"s|{FEEDLY_CLIENT_ID}|${FEEDLY_CLIENT_ID}|g; s|{FEEDLY_CLIENT_SECRET}|${FEEDLY_CLIENT_SECRET}|g\" $FEEDLY_CLIENT_SOURCE\n # echo \"`git diff ${FEEDLY_CLIENT_SOURCE}`\"\n rm -f \"${FEEDLY_CLIENT_SOURCE}.tmp\"\nelse\n echo \"File does not exist at ${FEEDLY_CLIENT_SOURCE}. Has it been moved or renamed?\"\n exit -1\nfi\n\necho \"All env values found!\"\n";
};
9E964EBC2375517100A7AF2E /* Run Script: Reset OAuthAuthorizationClient+Feedly.swift */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputFileListPaths = (
);
inputPaths = (
);
name = "Run Script: Reset OAuthAuthorizationClient+Feedly.swift";
outputFileListPaths = (
);
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "git checkout \"${SRCROOT}/Feedly/OAuthAuthorizationClient+Feedly.swift\"\n";
};
/* End PBXShellScriptBuildPhase section */
/* Begin PBXSourcesBuildPhase section */

View File

@ -14,10 +14,10 @@ extension OAuthAuthorizationClient {
/// Models private NetNewsWire client secrets.
/// These placeholders are substitued at build time using a Run Script phase with build settings.
/// https://developer.feedly.com/v3/auth/#authenticating-a-user-and-obtaining-an-auth-code
return OAuthAuthorizationClient(id: "{FEEDLY_CLIENT_ID}",
return OAuthAuthorizationClient(id: Secrets.feedlyClientId,
redirectUri: "netnewswire://auth/feedly",
state: nil,
secret: "{FEEDLY_CLIENT_SECRET}")
secret: Secrets.feedlyClientSecret)
}
static var feedlySandboxClient: OAuthAuthorizationClient {

View File

@ -2891,9 +2891,7 @@
buildConfigurationList = 849C647A1ED37A5D003D8FC0 /* Build configuration list for PBXNativeTarget "NetNewsWire" */;
buildPhases = (
3B3A341B238D3FB200314204 /* Run Script: Update Secrets */,
51D6803823330CFF0097A009 /* Run Script: Update ArticleExtractorConfig.swift */,
849C645C1ED37A5D003D8FC0 /* Sources */,
517D2D82233A53D600FF3E35 /* Run Script: Reset ArticleExtractorConfig.swift */,
849C645D1ED37A5D003D8FC0 /* Frameworks */,
849C645E1ED37A5D003D8FC0 /* Resources */,
84C987A52000AC9E0066B150 /* Run Script: Automated build numbers */,
@ -3582,42 +3580,6 @@
shellPath = /bin/sh;
shellScript = "git checkout \"${SRCROOT}/Shared/Article Extractor/ArticleExtractorConfig.swift\"\n";
};
517D2D82233A53D600FF3E35 /* Run Script: Reset ArticleExtractorConfig.swift */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputFileListPaths = (
);
inputPaths = (
);
name = "Run Script: Reset ArticleExtractorConfig.swift";
outputFileListPaths = (
);
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "git checkout \"${SRCROOT}/Shared/Article Extractor/ArticleExtractorConfig.swift\"\n";
};
51D6803823330CFF0097A009 /* Run Script: Update ArticleExtractorConfig.swift */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputFileListPaths = (
);
inputPaths = (
);
name = "Run Script: Update ArticleExtractorConfig.swift";
outputFileListPaths = (
);
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "FAILED=false\n\nif [ -z \"${MERCURY_CLIENT_ID}\" ]; then\nFAILED=true\nfi\n\nif [ -z \"${MERCURY_CLIENT_SECRET}\" ]; then\nFAILED=true\nfi\n\nif [ \"$FAILED\" = true ]; then\necho \"Missing Feedbin Mercury credetials. ArticleExtractorConfig.swift not changed.\"\nexit 0\nfi\n\nsed -i .tmp \"s|{MERCURYID}|${MERCURY_CLIENT_ID}|g; s|{MERCURYSECRET}|${MERCURY_CLIENT_SECRET}|g\" \"${SRCROOT}/Shared/Article Extractor/ArticleExtractorConfig.swift\"\n\nrm -f \"${SRCROOT}/Shared/Article Extractor/ArticleExtractorConfig.swift.tmp\"\n\necho \"All env values found!\"\n\n";
};
65ED3FB5235DEF6C0081F399 /* Run Script: Update ArticleExtractorConfig.swift */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;

View File

@ -7,6 +7,7 @@
//
import Foundation
import Account
public enum ArticleExtractorState {
case ready
@ -35,9 +36,9 @@ class ArticleExtractor {
public init?(_ articleLink: String) {
self.articleLink = articleLink
let clientURL = ArticleExtractorConfig.clientURL
let username = ArticleExtractorConfig.clientId
let signiture = articleLink.hmacUsingSHA1(key: ArticleExtractorConfig.clientSecret)
let clientURL = "https://extract.feedbin.com/parser"
let username = Secrets.mercuryClientId
let signiture = articleLink.hmacUsingSHA1(key: Secrets.mercuryClientSecret)
if let base64URL = articleLink.data(using: .utf8)?.base64EncodedString() {
let fullURL = "\(clientURL)/\(username)/\(signiture)?base64_url=\(base64URL)"

View File

@ -2,7 +2,7 @@
%{
import os
secrets = ['FEED_WRANGLER_KEY']
secrets = ['FEED_WRANGLER_KEY', 'MERCURY_CLIENT_ID', 'MERCURY_CLIENT_SECRET', 'FEEDLY_CLIENT_ID', 'FEEDLY_CLIENT_SECRET']
def chunks(seq, size):
return (seq[i:(i + size)] for i in range(0, len(seq), size))
@ -17,10 +17,10 @@ def snake_to_camel(snake_str):
salt = [ord(byte) for byte in os.urandom(64)]
}%
enum Secrets {
public enum Secrets {
% for secret in secrets:
static var ${snake_to_camel(secret)}: String {
public static var ${snake_to_camel(secret)}: String {
let encoded: [UInt8] = [
% for chunk in chunks(encode(os.environ.get(secret) or "", salt), 8):
${"".join(["0x%02x, " % byte for byte in chunk])}
@ -50,4 +50,4 @@ private extension Secrets {
}, as: UTF8.self)
}
}
}