slices.network / slices
Highly ambitious ATProtocol AppView service and sdks
138
fork

Configure Feed

Select the types of activity you want to include in your feed.

slices / frontend / scripts / register-oauth-client.sh
at 9cca9073c186d254eb784f7d3b15fd97ffeca64f 123 lines 4.3 kB view raw
chadtmiller.com waitlists!
f9c82b24
1#!/bin/bash 2 3# OAuth Dynamic Client Registration Script for AT Protocol 4# Registers a new OAuth client with the AIP server per RFC 7591 5# Usage: bash scripts/register-oauth-client.sh 6 7set -e # Exit on any error 8 9# Configuration 10AIP_BASE="${AIP_BASE_URL:-http://localhost:8081}" 11CLIENT_BASE_URL="${CLIENT_BASE_URL:-http://localhost:8080}" 12CLIENT_NAME="${CLIENT_NAME:-Slice AT Proto Client}" 13SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" 14ROOT_DIR="$(cd "$SCRIPT_DIR/.." && pwd)" 15CONFIG_FILE="$ROOT_DIR/.env" 16 17echo "🚀 OAuth Dynamic Client Registration for Slice" 18echo "AIP Server: $AIP_BASE" 19echo "Client Base URL: $CLIENT_BASE_URL" 20echo "Client Name: $CLIENT_NAME" 21echo 22 23# Check if client is already registered 24if [ -f "$CONFIG_FILE" ]; then 25 echo "⚠️ Existing OAuth client configuration found at $CONFIG_FILE" 26 echo -n "Do you want to register a new client? This will overwrite the existing config. (y/N): " 27 read -r OVERWRITE 28 if [ "$OVERWRITE" != "y" ] && [ "$OVERWRITE" != "Y" ]; then 29 echo "❌ Registration cancelled" 30 exit 1 31 fi 32fi 33 34echo "🔍 Using OAuth registration endpoint..." 35REGISTRATION_ENDPOINT="$AIP_BASE/oauth/clients/register" 36 37echo "✅ Registration endpoint: $REGISTRATION_ENDPOINT" 38echo 39 40# Create client registration request 41echo "📝 Creating client registration request..." 42REDIRECT_URI="$CLIENT_BASE_URL/oauth/callback" 43 44REGISTRATION_REQUEST=$(cat <<EOF 45{ 46 "client_name": "$CLIENT_NAME", 47 "redirect_uris": ["$REDIRECT_URI"], 48 "scope": "openid email profile atproto transition:generic account:email blob:image/* repo:network.slices.slice repo:network.slices.lexicon repo:network.slices.actor.profile repo:network.slices.waitlist.request", 49 "grant_types": ["authorization_code", "refresh_token"], 50 "response_types": ["code"], 51 "token_endpoint_auth_method": "client_secret_basic" 52} 53EOF 54) 55 56echo "Registration request:" 57echo "$REGISTRATION_REQUEST" | jq '.' 2>/dev/null || echo "$REGISTRATION_REQUEST" 58echo 59 60# Register the client 61echo "🔄 Registering client with AIP server..." 62REGISTRATION_RESPONSE=$(curl -s -X POST "$REGISTRATION_ENDPOINT" \ 63 -H "Content-Type: application/json" \ 64 -d "$REGISTRATION_REQUEST" || { 65 echo "❌ Failed to register client with AIP server" 66 echo "Make sure the AIP server is running at $AIP_BASE" 67 exit 1 68 }) 69 70echo "Registration response:" 71echo "$REGISTRATION_RESPONSE" | jq '.' 2>/dev/null || echo "$REGISTRATION_RESPONSE" 72echo 73 74# Extract client credentials 75CLIENT_ID=$(echo "$REGISTRATION_RESPONSE" | grep -o '"client_id":"[^"]*' | cut -d'"' -f4) 76CLIENT_SECRET=$(echo "$REGISTRATION_RESPONSE" | grep -o '"client_secret":"[^"]*' | cut -d'"' -f4) 77 78if [ -z "$CLIENT_ID" ] || [ -z "$CLIENT_SECRET" ]; then 79 echo "❌ Failed to extract client credentials from registration response" 80 echo "Expected client_id and client_secret in response" 81 echo "Response was: $REGISTRATION_RESPONSE" 82 exit 1 83fi 84 85echo "✅ Client registered successfully!" 86echo "Client ID: $CLIENT_ID" 87echo "Client Secret: [REDACTED]" 88echo 89 90# Save credentials to .env.oauth file 91echo "💾 Saving client credentials to $CONFIG_FILE..." 92cat > "$CONFIG_FILE" <<EOF 93# OAuth Client Credentials for Slice AT Proto Client 94# Generated on $(date) 95# AIP Server: $AIP_BASE 96 97OAUTH_CLIENT_ID="$CLIENT_ID" 98OAUTH_CLIENT_SECRET="$CLIENT_SECRET" 99OAUTH_REDIRECT_URI="$REDIRECT_URI" 100OAUTH_AIP_BASE_URL="$AIP_BASE" 101EOF 102 103echo "✅ Client registration complete!" 104echo 105echo "📋 Summary:" 106echo " - Client ID: $CLIENT_ID" 107echo " - Client Name: $CLIENT_NAME" 108echo " - Redirect URI: $REDIRECT_URI" 109echo " - Scopes: openid email profile atproto transition:generic account:email blob:image/* repo:network.slices.slice repo:network.slices.lexicon repo:network.slices.actor.profile repo:network.slices.waitlist.request" 110echo " - Config saved to: $CONFIG_FILE" 111echo 112echo "🔧 Environment variables saved to $CONFIG_FILE:" 113echo " OAUTH_CLIENT_ID" 114echo " OAUTH_CLIENT_SECRET" 115echo " OAUTH_REDIRECT_URI" 116echo " OAUTH_AIP_BASE_URL" 117echo 118echo "💡 To use these credentials in your application:" 119echo " source $CONFIG_FILE" 120echo " # Or load them in your .env file" 121echo 122echo "🧪 To test the OAuth flow, you can now use the registered credentials" 123echo " with your AtProtoClient in TypeScript/Deno."