#!/bin/bash # propfind-p12 - WebDAV PROPFIND with p12 client certificate auth # # Usage: # propfind-p12 [-t token] # propfind-p12 -h # # Options: # -t, --token Bearer token for authorization (or set SFCC_TOKEN env var) # -h, --help Show help message _propfind_p12() ( local SCRIPT_NAME; SCRIPT_NAME="$(basename "${BASH_SOURCE[0]}")" case "${BASH_SOURCE[0]}" in /dev/*|/proc/*) SCRIPT_NAME="" ;; esac case "$SCRIPT_NAME" in ""|bash|sh|zsh|dash) SCRIPT_NAME="propfind-p12" ;; esac _error() { echo "[ERR][$SCRIPT_NAME] $*" >&2; } _show_help() { local s; [ -t 1 ] && s=$'\033[4m' local r; [ -t 1 ] && r=$'\033[24m' echo "NAME" echo " $SCRIPT_NAME - WebDAV PROPFIND with p12 client certificate auth" echo "SYNOPSIS" echo " $SCRIPT_NAME [-t ${s}token${r}] ${s}hostname${r} ${s}code_version${r} ${s}p12_password${r}" echo " $SCRIPT_NAME -h" echo "DESCRIPTION" echo " Sends a WebDAV PROPFIND request (Depth: 1) to a Salesforce B2C Commerce" echo " (Demandware) instance to list cartridges at the given ${s}code_version${r}." echo " Authenticates with a Bearer token and a .p12 client certificate." echo "OPTIONS" echo " ${s}hostname${r} Instance hostname (e.g. dev01-web-example.demandware.net)" echo " ${s}code_version${r} Code version path segment (e.g. version1)" echo " ${s}p12_password${r} Password for the .p12 certificate" echo " -t, --token ${s}t${r} Bearer token for authorization (or set SFCC_TOKEN env var)" echo " -h, --help Show this help message" echo "ENVIRONMENT" echo " SFCC_TOKEN Fallback source for the Bearer token if -t/--token is not given" echo "PRECONDITIONS" echo " Two certificate files must exist in the current directory:" echo " \$USER-${s}hostname${r}.p12 Client certificate (use 'generate-p12' to create)" echo " ${s}hostname${r}_01.crt CA certificate (from SFCC Account Manager)" echo "EXIT STATUS" echo " 0 PROPFIND succeeded" echo " 2 Usage / argument error" echo " 4 Required .p12 or CA cert file not found" echo " * curl exit code (e.g. 58 = .p12 problem, 35 = TLS handshake)" echo "DEPENDENCIES" echo " curl" echo "SEE ALSO" echo " generate-p12, verify-p12" } _expand_short_opts() { # $1 = string of short-opt letters that take a value (e.g. "nXHd"); "" for flag-only scripts # $2..$N = "$@" # Populates _EXPANDED; caller does: set -- "${_EXPANDED[@]}"; unset _EXPANDED local value_opts="$1"; shift _EXPANDED=() local passthru="" local arg local rest local c for arg in "$@"; do if [ -n "$passthru" ]; then _EXPANDED+=("$arg"); continue; fi case "$arg" in --) passthru=1; _EXPANDED+=("$arg") ;; --*|-|"") _EXPANDED+=("$arg") ;; -[a-zA-Z]?*) rest="${arg#-}" while [ -n "$rest" ]; do c="${rest%"${rest#?}"}"; rest="${rest#?}" _EXPANDED+=("-$c") case "$value_opts" in *"$c"*) [ -n "$rest" ] && _EXPANDED+=("$rest") rest="" ;; esac done ;; *) _EXPANDED+=("$arg") ;; esac done } local token="" local positional=() _expand_short_opts "t" "$@" set -- "${_EXPANDED[@]}"; unset _EXPANDED while [ $# -gt 0 ]; do case "$1" in -h|--help) _show_help return 0 ;; -t|--token) shift if [ $# -eq 0 ] || [ -z "$1" ]; then _error "-t/--token requires a value. Run \`$SCRIPT_NAME -h\` for usage" return 2 fi token="$1" shift ;; --token=*) token="${1#*=}" [ -n "$token" ] || { _error "-t/--token requires a value. Run \`$SCRIPT_NAME -h\` for usage"; return 2; } shift ;; *) positional+=("$1") shift ;; esac done local hostname="${positional[0]-}" local code_version="${positional[1]-}" local p12_password="${positional[2]-}" if [ -z "$hostname" ]; then _error "hostname is required. Run \`$SCRIPT_NAME -h\` for usage" return 2 fi if [ -z "$code_version" ]; then _error "code_version is required. Run \`$SCRIPT_NAME -h\` for usage" return 2 fi if [ -z "$p12_password" ]; then _error "p12_password is required. Run \`$SCRIPT_NAME -h\` for usage" return 2 fi # Token resolution: -t/--token flag first, then $SFCC_TOKEN env fallback if [ -z "$token" ]; then token="${SFCC_TOKEN-}" fi if [ -z "$token" ]; then _error "token is required (use -t/--token or set SFCC_TOKEN). Run \`$SCRIPT_NAME -h\` for usage" return 2 fi local p12="$USER-$hostname.p12" local cacert="${hostname}_01.crt" if [ ! -f "$p12" ]; then _error "p12 file not found: $p12. Use 'generate-p12' to create one" return 4 fi if [ ! -f "$cacert" ]; then _error "CA certificate file not found: $cacert" return 4 fi local url="https://$hostname/on/demandware.servlet/webdav/Sites/Cartridges/$code_version" curl -X PROPFIND \ --url "$url" \ --cert-type p12 \ --cert "$p12:$p12_password" \ --cacert "$cacert" \ -H "Authorization: Bearer $token" \ -H 'Depth: 1' \ --data-raw '' ) _propfind_p12 "$@" __propfind_p12_rc=$? unset -f _propfind_p12 if [ -n "${BASH_SOURCE[0]}" ] && [ "${BASH_SOURCE[0]}" != "$0" ]; then eval "unset __propfind_p12_rc; return $__propfind_p12_rc" fi eval "unset __propfind_p12_rc; exit $__propfind_p12_rc"