From e4e6173efff2aa880eecb37509602c12eeac367e Mon Sep 17 00:00:00 2001
From: Jan-Philipp Benecke <jpb@cleverreach.com>
Date: Fri, 28 Aug 2020 11:21:20 +0200
Subject: [PATCH 1/5] CleverReach Deploy API

---
 deploy/cleverreach.sh | 70 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 70 insertions(+)
 create mode 100644 deploy/cleverreach.sh

diff --git a/deploy/cleverreach.sh b/deploy/cleverreach.sh
new file mode 100644
index 00000000..bf16ed34
--- /dev/null
+++ b/deploy/cleverreach.sh
@@ -0,0 +1,70 @@
+#!/usr/bin/env sh
+# Here is the script to deploy the cert to your CleverReach Account using the CleverReach REST API.
+# Your OAuth needs the right scope, please contact CleverReach support for that.
+#
+# It requires that jq are in the $PATH.
+#
+# Written by Jan-Philipp Benecke <github@bnck.me>
+# Public domain, 2020
+#
+# Following environment variables must be set:
+#
+#export DEPLOY_CLEVERREACH_CLIENT_ID=myid
+#export DEPLOY_CLEVERREACH_CLIENT_SECRET=mysecret
+
+cleverreach_deploy() {
+  _cdomain="$1"
+  _ckey="$2"
+  _ccert="$3"
+  _cca="$4"
+  _cfullchain="$5"
+
+  _debug _cdomain "$_cdomain"
+  _debug _ckey "$_ckey"
+  _debug _ccert "$_ccert"
+  _debug _cca "$_cca"
+  _debug _cfullchain "$_cfullchain"
+
+  _cleverreach_client_id="${DEPLOY_CLEVERREACH_CLIENT_ID}"
+  _cleverreach_client_secret="${DEPLOY_CLEVERREACH_CLIENT_SECRET}"
+
+  if [ -z "$_cleverreach_client_id" ]; then
+    _err "CleverReach Client ID is not found, please define DEPLOY_CLEVERREACH_CLIENT_ID."
+    return 1
+  fi
+  if [ -z "$_cleverreach_client_secret" ]; then
+    _err "CleverReach client secret is not found, please define DEPLOY_CLEVERREACH_CLIENT_SECRET."
+    return 1
+  fi
+
+  _saveaccountconf DEPLOY_CLEVERREACH_CLIENT_ID "${_cleverreach_client_id}"
+  _saveaccountconf DEPLOY_CLEVERREACH_CLIENT_SECRET "${_cleverreach_client_secret}"
+
+  _info "Obtaining a CleverReach access token"
+
+  _data="{\"grant_type\": \"client_credentials\", \"client_id\": \"${_cleverreach_client_id}\", \"client_secret\": \"${_cleverreach_client_secret}\"}"
+  _auth_result="$(_post "$_data" "https://rest.cleverreach.com/oauth/token.php" "" "POST" "application/json")"
+
+  _debug _data "$_data"
+  _debug _auth_result "$_auth_result"
+
+  _access_token=$(echo "$_auth_result" | _json_decode | jq -r .access_token)
+
+  _info "Uploading certificate and key to CleverReach"
+
+  _certData="{\"cert\":\"$(cat $_cfullchain | _json_encode)\", \"key\":\"$(cat $_ckey | _json_encode)\"}"
+  export _H1="Authorization: Bearer ${_access_token}"
+  _add_cert_result="$(_post "$_certData" "https://rest.cleverreach.com/v3/ssl/${_cdomain}" "" "POST" "application/json")"
+
+  _debug "Destroying token at CleverReach"
+  _post "" "https://rest.cleverreach.com/v3/oauth/token.json" "" "DELETE" "application/json"  
+
+  if ! echo "$_add_cert_result" | grep '"error":' >/dev/null; then
+    _info "Uploaded certificate successfully"
+    return 0
+  else
+    _debug _add_cert_result "$_add_cert_result"
+    _err "Unable to update certificate"
+    return 1
+  fi
+}

From 39a56884646f0a4038547037050cc8e14d560360 Mon Sep 17 00:00:00 2001
From: Jan-Philipp Benecke <jpb@cleverreach.com>
Date: Fri, 28 Aug 2020 11:28:06 +0200
Subject: [PATCH 2/5] Make CI happy

---
 deploy/cleverreach.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/deploy/cleverreach.sh b/deploy/cleverreach.sh
index bf16ed34..c22e69e1 100644
--- a/deploy/cleverreach.sh
+++ b/deploy/cleverreach.sh
@@ -52,12 +52,12 @@ cleverreach_deploy() {
 
   _info "Uploading certificate and key to CleverReach"
 
-  _certData="{\"cert\":\"$(cat $_cfullchain | _json_encode)\", \"key\":\"$(cat $_ckey | _json_encode)\"}"
+  _certData="{\"cert\":\"$(_json_encode < "$_cfullchain")\", \"key\":\"$(_json_encode < "$_ckey")\"}"
   export _H1="Authorization: Bearer ${_access_token}"
   _add_cert_result="$(_post "$_certData" "https://rest.cleverreach.com/v3/ssl/${_cdomain}" "" "POST" "application/json")"
 
   _debug "Destroying token at CleverReach"
-  _post "" "https://rest.cleverreach.com/v3/oauth/token.json" "" "DELETE" "application/json"  
+  _post "" "https://rest.cleverreach.com/v3/oauth/token.json" "" "DELETE" "application/json"
 
   if ! echo "$_add_cert_result" | grep '"error":' >/dev/null; then
     _info "Uploaded certificate successfully"

From 2a9c56d9e328716dd90503760a5834488a76c3a6 Mon Sep 17 00:00:00 2001
From: Jan-Philipp Benecke <jpb@cleverreach.com>
Date: Fri, 28 Aug 2020 11:30:23 +0200
Subject: [PATCH 3/5] Formatting for CI

---
 deploy/cleverreach.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/deploy/cleverreach.sh b/deploy/cleverreach.sh
index c22e69e1..d212846b 100644
--- a/deploy/cleverreach.sh
+++ b/deploy/cleverreach.sh
@@ -52,7 +52,7 @@ cleverreach_deploy() {
 
   _info "Uploading certificate and key to CleverReach"
 
-  _certData="{\"cert\":\"$(_json_encode < "$_cfullchain")\", \"key\":\"$(_json_encode < "$_ckey")\"}"
+  _certData="{\"cert\":\"$(_json_encode <"$_cfullchain")\", \"key\":\"$(_json_encode <"$_ckey")\"}"
   export _H1="Authorization: Bearer ${_access_token}"
   _add_cert_result="$(_post "$_certData" "https://rest.cleverreach.com/v3/ssl/${_cdomain}" "" "POST" "application/json")"
 

From f7e12b629f7bdf3b5f637189fafef0af37994f98 Mon Sep 17 00:00:00 2001
From: Jan-Philipp Benecke <jpb@cleverreach.com>
Date: Thu, 1 Oct 2020 11:26:29 +0200
Subject: [PATCH 4/5] Update CleverReach REST Endpoint

---
 deploy/cleverreach.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/deploy/cleverreach.sh b/deploy/cleverreach.sh
index d212846b..0fa07f4a 100644
--- a/deploy/cleverreach.sh
+++ b/deploy/cleverreach.sh
@@ -54,7 +54,7 @@ cleverreach_deploy() {
 
   _certData="{\"cert\":\"$(_json_encode <"$_cfullchain")\", \"key\":\"$(_json_encode <"$_ckey")\"}"
   export _H1="Authorization: Bearer ${_access_token}"
-  _add_cert_result="$(_post "$_certData" "https://rest.cleverreach.com/v3/ssl/${_cdomain}" "" "POST" "application/json")"
+  _add_cert_result="$(_post "$_certData" "https://rest.cleverreach.com/v3/ssl" "" "POST" "application/json")"
 
   _debug "Destroying token at CleverReach"
   _post "" "https://rest.cleverreach.com/v3/oauth/token.json" "" "DELETE" "application/json"

From 1db963361c4b832c048b8d85fe302d37b5d41cec Mon Sep 17 00:00:00 2001
From: Jan-Philipp Benecke <jpb@cleverreach.com>
Date: Wed, 28 Oct 2020 13:50:40 +0100
Subject: [PATCH 5/5] Rework based on review from Neilpang

---
 deploy/cleverreach.sh | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/deploy/cleverreach.sh b/deploy/cleverreach.sh
index 0fa07f4a..552d8149 100644
--- a/deploy/cleverreach.sh
+++ b/deploy/cleverreach.sh
@@ -2,8 +2,6 @@
 # Here is the script to deploy the cert to your CleverReach Account using the CleverReach REST API.
 # Your OAuth needs the right scope, please contact CleverReach support for that.
 #
-# It requires that jq are in the $PATH.
-#
 # Written by Jan-Philipp Benecke <github@bnck.me>
 # Public domain, 2020
 #
@@ -25,30 +23,32 @@ cleverreach_deploy() {
   _debug _cca "$_cca"
   _debug _cfullchain "$_cfullchain"
 
-  _cleverreach_client_id="${DEPLOY_CLEVERREACH_CLIENT_ID}"
-  _cleverreach_client_secret="${DEPLOY_CLEVERREACH_CLIENT_SECRET}"
+  _getdeployconf DEPLOY_CLEVERREACH_CLIENT_ID
+  _getdeployconf DEPLOY_CLEVERREACH_CLIENT_SECRET
 
-  if [ -z "$_cleverreach_client_id" ]; then
+  if [ -z "${DEPLOY_CLEVERREACH_CLIENT_ID}" ]; then
     _err "CleverReach Client ID is not found, please define DEPLOY_CLEVERREACH_CLIENT_ID."
     return 1
   fi
-  if [ -z "$_cleverreach_client_secret" ]; then
+  if [ -z "${DEPLOY_CLEVERREACH_CLIENT_SECRET}" ]; then
     _err "CleverReach client secret is not found, please define DEPLOY_CLEVERREACH_CLIENT_SECRET."
     return 1
   fi
 
-  _saveaccountconf DEPLOY_CLEVERREACH_CLIENT_ID "${_cleverreach_client_id}"
-  _saveaccountconf DEPLOY_CLEVERREACH_CLIENT_SECRET "${_cleverreach_client_secret}"
+  _savedeployconf DEPLOY_CLEVERREACH_CLIENT_ID "${DEPLOY_CLEVERREACH_CLIENT_ID}"
+  _savedeployconf DEPLOY_CLEVERREACH_CLIENT_SECRET "${DEPLOY_CLEVERREACH_CLIENT_SECRET}"
 
   _info "Obtaining a CleverReach access token"
 
-  _data="{\"grant_type\": \"client_credentials\", \"client_id\": \"${_cleverreach_client_id}\", \"client_secret\": \"${_cleverreach_client_secret}\"}"
+  _data="{\"grant_type\": \"client_credentials\", \"client_id\": \"${DEPLOY_CLEVERREACH_CLIENT_ID}\", \"client_secret\": \"${DEPLOY_CLEVERREACH_CLIENT_SECRET}\"}"
   _auth_result="$(_post "$_data" "https://rest.cleverreach.com/oauth/token.php" "" "POST" "application/json")"
 
   _debug _data "$_data"
   _debug _auth_result "$_auth_result"
 
-  _access_token=$(echo "$_auth_result" | _json_decode | jq -r .access_token)
+  _regex=".*\"access_token\":\"\([-._0-9A-Za-z]*\)\".*$"
+  _debug _regex "$_regex"
+  _access_token=$(echo "$_auth_result" | _json_decode | sed -n "s/$_regex/\1/p")
 
   _info "Uploading certificate and key to CleverReach"