From 07469b4aa72b172e0366bc85440c9e0fb07ae02e Mon Sep 17 00:00:00 2001
From: Moritz Poldrack <git@moritz.sh>
Date: Tue, 18 Apr 2023 19:15:27 +0200
Subject: [PATCH] add option to get access token from command

To allow adding neosays configuration to a dotfiles repo, it's
beneficial to allow providing a command to retrieve the access token
via a command (for example from a password manager).

If an access token is set while a command is set as well, the token is
overwritten in favour of the securely retrieved one.

Fixes: https://github.com/donuts-are-good/neosay/issues/1
Signed-off-by: Moritz Poldrack <git@moritz.sh>
---
 example.json |  1 +
 main.go      | 19 +++++++++++++++----
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/example.json b/example.json
index 90ec41d..9955bfc 100644
--- a/example.json
+++ b/example.json
@@ -2,5 +2,6 @@
   "homeserverURL": "https://matrix.org",
   "userID": "@example:matrix.org",
   "accessToken": "my_access_token",
+  "accessTokenCmd": "secret-tool lookup Title 'Neosay Matrix Access Token'",
   "roomID": "!oJJwhvLOYfduLjDTjA:matrix.org"
 }
diff --git a/main.go b/main.go
index a358d92..a3f3e75 100644
--- a/main.go
+++ b/main.go
@@ -2,10 +2,12 @@ package main
 
 import (
 	"bufio"
+	"bytes"
 	"encoding/json"
 	"flag"
 	"fmt"
 	"os"
+	"os/exec"
 	"path"
 	"path/filepath"
 	"strings"
@@ -16,10 +18,11 @@ import (
 )
 
 type Config struct {
-	HomeserverURL string `json:"homeserverURL"`
-	UserID        string `json:"userID"`
-	AccessToken   string `json:"accessToken"`
-	RoomID        string `json:"roomID"`
+	HomeserverURL  string `json:"homeserverURL"`
+	UserID         string `json:"userID"`
+	AccessToken    string `json:"accessToken"`
+	AccessTokenCmd string `json:"accessTokenCmd"`
+	RoomID         string `json:"roomID"`
 }
 
 const maxMessageSize = 4000
@@ -76,6 +79,14 @@ func main() {
 	}
 
 	// get the access token
+	if config.AccessTokenCmd != "" {
+		res := bytes.NewBuffer([]byte{})
+		cmd := exec.Command("/bin/sh", "-c", config.AccessTokenCmd)
+		cmd.Stdout = res
+		cmd.Run()
+
+		config.AccessToken = res.String()
+	}
 	accessToken := config.AccessToken
 	if accessToken == "" {
 		accessToken = os.Getenv("MATRIX_ACCESS_TOKEN")