ssh-import-id

Merge ~brodock/ssh-import-id:add-gitlab-support into ssh-import-id:master

  1. Git
  2. lp:~brodock/ssh-import-id
  3. add-gitlab-support
  4. Merge into master
Proposed by Gabriel Mazetto
Status: Needs review
Proposed branch: ~brodock/ssh-import-id:add-gitlab-support
Merge into: ssh-import-id:master
Diff against target: 110 lines (+55/-1)
4 files modified
debian/links (+1/-0)
ssh_import_id/__init__.py (+27/-0)
usr/bin/ssh-import-id-gl (+23/-0)
usr/share/man/man1/ssh-import-id.1 (+4/-1)
Reviewer Review Type Date Requested Status
ssh-import-id Pending
Review via email: mp+415751@code.launchpad.net

Commit message

add support for gl:username (GitLab)

Description of the change

add "gl" protocol to retrieve keys from GitLab.com REST API

To post a comment you must log in.
Revision history for this message
Dustin Kirkland  (kirkland) wrote :

Thanks for this. I've incorporated and tested a modified version of this, and proposed it for merging to the upstream maintainers. Cheers, Dustin

Reply
Revision history for this message
Scott Moser (smoser) wrote :

Dustin's PR is at https://code.launchpad.net/~kirkland/ssh-import-id/+git/ssh-import-id/+merge/445392

Reply

Unmerged commits

89f087f... by Gabriel Mazetto

add support for gl:username (GitLab)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/debian/links b/debian/links
index 1ad132a..a76f9d9 100644
--- a/debian/links
+++ b/debian/links
@@ -1,2 +1,3 @@
1usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-lp.11usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-lp.1
2usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-gh.12usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-gh.1
3usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-gl.1
3\ No newline at end of file4\ No newline at end of file
diff --git a/ssh_import_id/__init__.py b/ssh_import_id/__init__.py
index 034adda..d5b0ffc 100644
--- a/ssh_import_id/__init__.py
+++ b/ssh_import_id/__init__.py
@@ -224,6 +224,8 @@ def fetch_keys(proto, username, useragent):
224 return fetch_keys_lp(username, useragent)224 return fetch_keys_lp(username, useragent)
225 if proto == "gh":225 if proto == "gh":
226 return fetch_keys_gh(username, useragent)226 return fetch_keys_gh(username, useragent)
227 if proto == "gl":
228 return fetch_keys_gl(username, useragent)
227229
228 die("ssh-import-id protocol handler %s: not found or cannot execute" %230 die("ssh-import-id protocol handler %s: not found or cannot execute" %
229 (proto))231 (proto))
@@ -355,6 +357,31 @@ def fetch_keys_gh(ghid, useragent):
355 die(str(e))357 die(str(e))
356 return keys358 return keys
357359
360def fetch_keys_gl(glid, useragent):
361 ratelimit_remaining = 'ratelimit-remaining'
362 help_url = 'https://docs.gitlab.com/ee/user/gitlab_com/index.html#gitlabcom-specific-rate-limits'
363 keys = ""
364 try:
365 url = "https://gitlab.com/api/v4/users/%s/keys" % (quote_plus(glid))
366 headers = {'User-Agent': user_agent(useragent)}
367 try:
368 with urlopen(Request(url, headers=headers),
369 timeout=DEFAULT_TIMEOUT) as resp:
370 data = json.load(resp)
371 except urllib.error.HTTPError as e:
372 msg = 'Requesting GitLab keys failed.'
373 if e.code == 404:
374 msg = 'Username "%s" not found at GitLab API.' % glid
375 elif e.hdrs.get(ratelimit_remaining) == "0":
376 msg = ('GitLab REST API rate-limited this IP address. See %s .'
377 % help_url)
378 die(msg + " status_code=%d user=%s" % (e.code, glid))
379 for gl_keys in data:
380 keys += "%s %s@gitlab/%s %s\n" % (gl_keys['key'], glid, gl_keys['id'], gl_keys['title'])
381 # pylint: disable=broad-except
382 except Exception as e:
383 die(str(e))
384 return keys
358385
359def main():386def main():
360 errors = []387 errors = []
diff --git a/usr/bin/ssh-import-id-gl b/usr/bin/ssh-import-id-gl
361new file mode 100755388new file mode 100755
index 0000000..bbca300
--- /dev/null
+++ b/usr/bin/ssh-import-id-gl
@@ -0,0 +1,23 @@
1#!/bin/sh
2#
3# ssh-import-id - Authorize SSH public keys from trusted online identities.
4#
5# Copyright (c) 2016 Dustin Kirkland <dustin.kirkland@gmail.com>
6#
7# ssh-import-id is free software: you can redistribute it and/or modify
8# it under the terms of the GNU General Public License as published by
9# the Free Software Foundation, version 3.
10#
11# ssh-import-id is distributed in the hope that it will be useful,
12# but WITHOUT ANY WARRANTY; without even the implied warranty of
13# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14# GNU General Public License for more details.
15#
16# You should have received a copy of the GNU General Public License
17# along with ssh-import-id. If not, see <http://www.gnu.org/licenses/>.
18
19set -e
20
21for i in $@; do
22 ssh-import-id gl:$i
23done
diff --git a/usr/share/man/man1/ssh-import-id.1 b/usr/share/man/man1/ssh-import-id.1
index 6d26fa7..540cbe5 100644
--- a/usr/share/man/man1/ssh-import-id.1
+++ b/usr/share/man/man1/ssh-import-id.1
@@ -9,12 +9,14 @@
99
10.BI "ssh\-import\-id\-gh USER_ID_1 [USER_ID_2] ... [USER_ID_n]10.BI "ssh\-import\-id\-gh USER_ID_1 [USER_ID_2] ... [USER_ID_n]
1111
12.BI "ssh\-import\-id\-gl USER_ID_1 [USER_ID_2] ... [USER_ID_n]
13
12.SH OPTIONS14.SH OPTIONS
13 \-h | \-\-help usage15 \-h | \-\-help usage
14 \-o | \-\-output F write output to file 'F' (default ~/.ssh/authorized_keys, use "\-" for standard out)16 \-o | \-\-output F write output to file 'F' (default ~/.ssh/authorized_keys, use "\-" for standard out)
15 \-r | \-\-remove remove keys from authorized keys file 'F'17 \-r | \-\-remove remove keys from authorized keys file 'F'
16 \-u | \-\-useragent U append U to the user agent string18 \-u | \-\-useragent U append U to the user agent string
17 PROTO:USER_ID Protocol can be 'lp' for Launchpad.net, or 'gh' for Github.com19 PROTO:USER_ID Protocol can be 'lp' for Launchpad.net, 'gh' for Github.com, or 'gl' for GitLab.com
1820
19.SH DESCRIPTION21.SH DESCRIPTION
20This utility will securely contact a public keyserver and retrieve one or more user's public keys, and append these to the current user's \fI~/.ssh/authorized_keys\fP file, standard output or any other specified output file.22This utility will securely contact a public keyserver and retrieve one or more user's public keys, and append these to the current user's \fI~/.ssh/authorized_keys\fP file, standard output or any other specified output file.
@@ -23,6 +25,7 @@ User IDs can be prepended by a protocol:
2325
24 - \fBlp:\fP to use \fIhttps://launchpad.net/~%s/+sshkeys\fP26 - \fBlp:\fP to use \fIhttps://launchpad.net/~%s/+sshkeys\fP
25 - \fBgh:\fP to use \fIhttps://api.github.com/users/%s/keys\fP27 - \fBgh:\fP to use \fIhttps://api.github.com/users/%s/keys\fP
28 - \fBgl:\fP to use \fIhttps://gitlab.com/users/%s/keys\fP
2629
27If the protocol is not explicitly specified, then \fBssh-import-id\fP will read a URL variable string from \fI/etc/ssh/ssh_import_id\fP as installed by your package manager and configured by your system administrator. You can override this locally by exporting the string you want in a URL environment variable. If all of these are empty, then the protocol is assumed to be "lp:", which was the original target implementation of this tool.30If the protocol is not explicitly specified, then \fBssh-import-id\fP will read a URL variable string from \fI/etc/ssh/ssh_import_id\fP as installed by your package manager and configured by your system administrator. You can override this locally by exporting the string you want in a URL environment variable. If all of these are empty, then the protocol is assumed to be "lp:", which was the original target implementation of this tool.
2831

Subscribers

People subscribed via source and target branches

to all changes: