Merge pull request #520 from rusq/i519-cook-token

rusq · web-flow · commit 429b0d4951d2 · 2025-06-01T22:04:18.000+10:00
Fetch Token based on d= cookie
diff --git a/auth/auth.go b/auth/auth.go
@@ -12,6 +12,7 @@ import (
 	"github.com/charmbracelet/huh/spinner"
 	"github.com/rusq/chttp"
 	"github.com/rusq/slack"
+	"github.com/rusq/slackauth"
 )
 
 const SlackURL = "https://slack.com"
@@ -127,7 +128,7 @@ func (s simpleProvider) Test(ctx context.Context) (*slack.AuthTestResponse, erro
 }
 
 func (s simpleProvider) HTTPClient() (*http.Client, error) {
-	return chttp.New(SlackURL, s.Cookies())
+	return chttp.New(SlackURL, s.Cookies(), chttp.WithUserAgent(slackauth.DefaultUserAgent))
 }
 
 func pleaseWait(ctx context.Context, msg string) func() {
diff --git a/auth/testdata/redirect.html b/auth/testdata/redirect.html
diff --git a/auth/token.go b/auth/token.go
@@ -0,0 +1,76 @@
+package auth
+
+import (
+	"bufio"
+	"context"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"regexp"
+	"strings"
+
+	"github.com/rusq/slackauth"
+)
+
+var ssbURI = func(workspace string) string {
+	return "https://" + workspace + ".slack.com/ssb/redirect"
+}
+
+func getTokenByCookie(ctx context.Context, workspaceName string, dCookie string) (string, []*http.Cookie, error) {
+	if dCookie == "" {
+		return "", nil, ErrNoCookies
+	}
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, ssbURI(workspaceName), nil)
+	if err != nil {
+		return "", nil, fmt.Errorf("failed to create request: %w", err)
+	}
+	req.Header.Add("User-Agent", slackauth.DefaultUserAgent)
+	req.Header.Add("Cookie", "d="+dCookie)
+	resp, err := http.DefaultClient.Do(req)
+	if err != nil {
+		return "", nil, fmt.Errorf("failed to make request: %w", err)
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode != http.StatusOK {
+		return "", nil, fmt.Errorf("request failed with status code %d", resp.StatusCode)
+	}
+	token, err := extractToken(resp.Body)
+	if err != nil {
+		return "", nil, err
+	}
+	cookies := append(resp.Cookies(), makeCookie("d", dCookie))
+	return token, cookies, nil
+}
+
+var tokenRegex = regexp.MustCompile(`"api_token":"([^"]+)"`)
+
+var errNoToken = errors.New("token not found")
+
+// extractToken extracts the API token from the provided reader.
+// It expects that reader points to an HTML page retrieved from
+// /ssb/redirect
+func extractToken(r io.Reader) (string, error) {
+	var token string
+	br := bufio.NewReader(r)
+	for {
+		line, err := br.ReadString('\n')
+		if err != nil {
+			if errors.Is(err, io.EOF) {
+				return token, errNoToken
+			}
+			return "", fmt.Errorf("read: %w", err)
+		}
+		text := strings.TrimSpace(line)
+		if !strings.Contains(text, "api_token") {
+			continue
+		}
+		matches := tokenRegex.FindStringSubmatch(text)
+		if len(matches) < 2 || (len(matches) == 2 && matches[1] == "") {
+			return "", errNoToken
+		}
+		token = matches[1]
+		break
+	}
+	return token, nil
+}
diff --git a/auth/token_test.go b/auth/token_test.go
@@ -0,0 +1,115 @@
+package auth
+
+import (
+	"bytes"
+	"context"
+	_ "embed"
+	"io"
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_getTokenByCookie(t *testing.T) {
+	oldTimeFunc := timeFunc
+	timeFunc = func() time.Time {
+		return time.Date(2025, 6, 1, 0, 0, 0, 0, time.UTC)
+	}
+	t.Cleanup(func() {
+		timeFunc = oldTimeFunc
+	})
+
+	type args struct {
+		ctx           context.Context
+		workspaceName string
+		dCookie       string
+	}
+	tests := []struct {
+		name     string
+		args     args
+		testBody []byte
+		want     string
+		want1    []*http.Cookie
+		wantErr  bool
+	}{
+		{
+			name: "finds the token and cookies",
+			args: args{
+				ctx:           context.Background(),
+				workspaceName: "test",
+				dCookie:       "dcookie",
+			},
+			testBody: testBody,
+			want:     "xoxc-000000000300-604451271345-8802919159412-ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+			want1: []*http.Cookie{
+				{Name: "unit", Value: "test", Raw: "unit=test"},
+				makeCookie("d", "dcookie"),
+			},
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				http.SetCookie(w, &http.Cookie{Name: "unit", Value: "test"})
+				io.Copy(w, bytes.NewReader(tt.testBody))
+			}))
+			ssbURI = func(string) string {
+				return srv.URL
+			}
+			got, got1, err := getTokenByCookie(tt.args.ctx, tt.args.workspaceName, tt.args.dCookie)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("getTokenByCookie() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if got != tt.want {
+				t.Errorf("getTokenByCookie() got = %v, want %v", got, tt.want)
+			}
+			assert.EqualExportedValues(t, tt.want1, got1)
+		})
+	}
+}
+
+//go:embed testdata/redirect.html
+var testBody []byte
+
+func Test_extractToken(t *testing.T) {
+	type args struct {
+		r io.Reader
+	}
+	tests := []struct {
+		name    string
+		args    args
+		want    string
+		wantErr bool
+	}{
+		{
+			name:    "extracts token from the HTML body",
+			args:    args{r: bytes.NewReader(testBody)},
+			want:    "xoxc-000000000300-604451271345-8802919159412-ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+			wantErr: false,
+		},
+		{
+			name:    "no token is an error",
+			args:    args{strings.NewReader("first line\nsecond line\n")},
+			want:    "",
+			wantErr: true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got, err := extractToken(tt.args.r)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("extractToken() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if got != tt.want {
+				t.Errorf("extractToken() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
diff --git a/auth/value.go b/auth/value.go
@@ -1,6 +1,7 @@
 package auth
 
 import (
+	"context"
 	"fmt"
 	"net/http"
 	"net/url"
@@ -59,6 +60,19 @@ func NewValueCookiesAuth(token string, cookies []*http.Cookie) (ValueAuth, error
 	}}, nil
 }
 
+// NewCookieOnlyAuth uses workspace name and dCookie to get the token value and returns
+// a ValueAuth.
+func NewCookieOnlyAuth(ctx context.Context, workspace, dCookie string) (ValueAuth, error) {
+	if dCookie == "" {
+		return ValueAuth{}, ErrNoCookies
+	}
+	token, cookies, err := getTokenByCookie(ctx, workspace, dCookie)
+	if err != nil {
+		return ValueAuth{}, err
+	}
+	return NewValueCookiesAuth(token, cookies)
+}
+
 var timeFunc = time.Now
 
 func makeCookie(key, val string) *http.Cookie {
diff --git a/cmd/slackdump/internal/workspace/workspaceui/tokencookie.go b/cmd/slackdump/internal/workspace/workspaceui/tokencookie.go
@@ -2,8 +2,11 @@ package workspaceui
 
 import (
 	"context"
+	"errors"
+	"strings"
 
 	"github.com/charmbracelet/huh"
+
 	"github.com/rusq/slackdump/v3/auth"
 	"github.com/rusq/slackdump/v3/cmd/slackdump/internal/ui"
 	"github.com/rusq/slackdump/v3/internal/structures"
@@ -131,3 +134,63 @@ func prgTokenCookieFile(ctx context.Context, mgr manager) error {
 
 	return success(ctx, workspace)
 }
+
+func prgCookieOnly(ctx context.Context, mgr manager) error {
+	var (
+		wspname   string
+		cookie    string
+		confirmed bool
+	)
+
+	newCookieProvFn := func(wsp, cookie string) (auth.ValueAuth, error) {
+		return auth.NewCookieOnlyAuth(ctx, wsp, cookie)
+	}
+
+	for !confirmed {
+		f := huh.NewForm(huh.NewGroup(
+			huh.NewInput().Title("Workspace").
+				Description("Workspace Name (just the name, not the URL)").
+				Placeholder("my-team-workspace").
+				Value(&wspname).
+				Validate(validateWspName),
+			huh.NewInput().Title("Cookie").
+				Description("Session cookie").
+				Placeholder("xoxd-...").
+				Value(&cookie),
+			huh.NewConfirm().Title("Confirm creation of workspace?").
+				Description("Once confirmed this will check the credentials for validity, fetch the token\nand create a new workspace").
+				Value(&confirmed).
+				Validate(makeValidator(ctx, &wspname, &cookie, newCookieProvFn)),
+		)).WithTheme(ui.HuhTheme()).WithKeyMap(ui.DefaultHuhKeymap)
+		if err := f.RunWithContext(ctx); err != nil {
+			return err
+		}
+		if !confirmed {
+			return nil
+		}
+
+		prov, err := auth.NewCookieOnlyAuth(ctx, wspname, cookie)
+		if err != nil {
+			return err
+		}
+		name, err := mgr.CreateAndSelect(ctx, prov)
+		if err != nil {
+			confirmed = false
+			retry := askRetry(ctx, name, err)
+			if !retry {
+				return nil
+			}
+		} else {
+			break
+		}
+	}
+
+	return success(ctx, wspname)
+}
+
+func validateWspName(s string) error {
+	if strings.Contains(s, "://") || strings.Contains(s, "slack.com") {
+		return errors.New("workspace name, not URL, i.e. for https://my-team.slack.com, enter my-team")
+	}
+	return nil
+}
diff --git a/cmd/slackdump/internal/workspace/workspaceui/workspaceui.go b/cmd/slackdump/internal/workspace/workspaceui/workspaceui.go
@@ -52,6 +52,7 @@ func ShowUI(ctx context.Context, opts ...UIOption) error {
 	}
 	const (
 		actLogin        = "ezlogin"
+		actCookie       = "cookie"
 		actToken        = "token"
 		actTokenFile    = "tokenfile"
 		actSecrets      = "secrets"
@@ -83,6 +84,11 @@ func ShowUI(ctx context.Context, opts ...UIOption) error {
 		{
 			Separator: true,
 		},
+		{
+			ID:   actCookie,
+			Name: "Cookie and Workspace Name",
+			Help: "Enter d= cookie and workspace name, token fetched automatically",
+		},
 		{
 			ID:   actToken,
 			Name: "Token/Cookie",
@@ -124,6 +130,7 @@ func ShowUI(ctx context.Context, opts ...UIOption) error {
 	// new workspace methods
 	methods := map[string]func(context.Context, manager) error{
 		actLogin:     brwsLogin(),
+		actCookie:    prgCookieOnly,
 		actToken:     prgTokenCookie,
 		actTokenFile: prgTokenCookieFile,
 		actSecrets:   fileWithSecrets,
diff --git a/go.mod b/go.mod
@@ -27,7 +27,7 @@ require (
 	github.com/playwright-community/playwright-go v0.5200.0
 	github.com/pressly/goose/v3 v3.24.3
 	github.com/pterm/pterm v0.12.80
-	github.com/rusq/chttp v1.0.2
+	github.com/rusq/chttp v1.1.0
 	github.com/rusq/encio v0.2.0
 	github.com/rusq/fsadapter v1.1.0
 	github.com/rusq/osenv/v2 v2.0.1
diff --git a/go.sum b/go.sum
@@ -203,6 +203,8 @@ github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0t
 github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
 github.com/rusq/chttp v1.0.2 h1:bc8FTKE/l318Kie3sb2KrGi7Fu5tSDQY+JiXMsq4fO8=
 github.com/rusq/chttp v1.0.2/go.mod h1:bmuoQMUFs9fmigUmT7xbp8s0rHyzUrf7+78yLklr1so=
+github.com/rusq/chttp v1.1.0 h1:lfUALJ51uRLgb4tc7joXFOgz9pzKBmc4vGq0UDu3dmk=
+github.com/rusq/chttp v1.1.0/go.mod h1:bmuoQMUFs9fmigUmT7xbp8s0rHyzUrf7+78yLklr1so=
 github.com/rusq/encio v0.2.0 h1:+EbYnoLrX/mfwjBp0HqozdfOB2EplNDgbA2vIQvnCuY=
 github.com/rusq/encio v0.2.0/go.mod h1:AP3lDpo/BkcHcOMNduBlZdd0sbwhruq6+NZtYm5Mxb0=
 github.com/rusq/fsadapter v1.1.0 h1:/tuzrPNGr4Tx2f8fPK+WudSRBLDvjjDaqVvto1yrVdk=

Original file line number	Diff line number	Diff line change
`@@ -12,6 +12,7 @@ import (`
`12`	`12`	`"github.com/charmbracelet/huh/spinner"`
`13`	`13`	`"github.com/rusq/chttp"`
`14`	`14`	`"github.com/rusq/slack"`
	`15`	`+ "github.com/rusq/slackauth"`
`15`	`16`	`)`
`16`	`17`
`17`	`18`	`const SlackURL = "https://slack.com"`
`@@ -127,7 +128,7 @@ func (s simpleProvider) Test(ctx context.Context) (*slack.AuthTestResponse, erro`
`127`	`128`	`}`
`128`	`129`
`129`	`130`	`func (s simpleProvider) HTTPClient() (*http.Client, error) {`
`130`		`- return chttp.New(SlackURL, s.Cookies())`
	`131`	`+ return chttp.New(SlackURL, s.Cookies(), chttp.WithUserAgent(slackauth.DefaultUserAgent))`
`131`	`132`	`}`
`132`	`133`
`133`	`134`	`func pleaseWait(ctx context.Context, msg string) func() {`