diff --git a/gh-cli/get-sso-credential-authorizations.sh b/gh-cli/get-sso-credential-authorizations.sh index 8858beb..87ca355 100755 --- a/gh-cli/get-sso-credential-authorizations.sh +++ b/gh-cli/get-sso-credential-authorizations.sh @@ -1,5 +1,13 @@ #!/bin/bash +if [ -z "$1" ]; then + echo "Usage: $0 " + echo "Example: ./get-sso-enabled-pats.sh my-org" + exit 1 +fi + +org="$1" + # more info: # - https://github.blog/changelog/2019-04-09-credential-authorizations-api/ # - https://github.blog/changelog/2021-11-09-expiration-dates-of-saml-authorized-pats-available-via-api/ @@ -7,7 +15,7 @@ # gets all credential types ("personal access token", "SSH key", "OAuth app token", and "GitHub app token") and their expiration (if applicable) -gh api --paginate /orgs/githubcustomers/credential-authorizations +gh api --paginate /orgs/$org/credential-authorizations # old - raw text output, 1 per line -# gh api --paginate /orgs/githubcustomers/credential-authorizations --jq='.[] | "login: \(.login) expiration: \(.authorized_credential_expires_at) ID: \(.credential_id) note: \(.authorized_credential_note) type: \(.credential_type)"' +# gh api --paginate /orgs/$org/credential-authorizations --jq='.[] | "login: \(.login) expiration: \(.authorized_credential_expires_at) ID: \(.credential_id) note: \(.authorized_credential_note) type: \(.credential_type)"' diff --git a/gh-cli/get-sso-enabled-pats.sh b/gh-cli/get-sso-enabled-pats.sh index 4d7ab89..416b397 100755 --- a/gh-cli/get-sso-enabled-pats.sh +++ b/gh-cli/get-sso-enabled-pats.sh @@ -1,15 +1,23 @@ #!/bin/bash +if [ -z "$1" ]; then + echo "Usage: $0 " + echo "Example: ./get-sso-enabled-pats.sh my-org" + exit 1 +fi + +org="$1" + # more info: # - https://github.blog/changelog/2019-04-09-credential-authorizations-api/ # - https://github.blog/changelog/2021-11-09-expiration-dates-of-saml-authorized-pats-available-via-api/ # - https://docs.github.com/en/enterprise-cloud@latest/rest/orgs/orgs?apiVersion=2022-11-28#list-saml-sso-authorizations-for-an-organization # credential_type: personal access token, SSH key, OAuth app token, GitHub app token -gh api --paginate /orgs/githubcustomers/credential-authorizations --jq='.[] | select(.credential_type == "personal access token" and .token_last_eight != null)' # the null check is b/c we only want to get active PATs +gh api --paginate /orgs/$org/credential-authorizations --jq='.[] | select(.credential_type == "personal access token" and .token_last_eight != null)' # the null check is b/c we only want to get active PATs # old - raw text output, 1 per line -# gh api --paginate /orgs/githubcustomers/credential-authorizations --jq='.[] | select(.credential_type == "personal access token" and .token_last_eight != null) | "login: \(.login) expiration: \(.authorized_credential_expires_at) ID: \(.credential_id) note: \(.authorized_credential_note) type: \(.credential_type))"' +# gh api --paginate /orgs/$org/credential-authorizations --jq='.[] | select(.credential_type == "personal access token" and .token_last_eight != null) | "login: \(.login) expiration: \(.authorized_credential_expires_at) ID: \(.credential_id) note: \(.authorized_credential_note) type: \(.credential_type))"' # old - raw text output, 1 per line, with scopes -# gh api --paginate /orgs/githubcustomers/credential-authorizations --jq='.[] | select(.credential_type == "personal access token" and .token_last_eight != null) | "login: \(.login) expiration: \(.authorized_credential_expires_at) ID: \(.credential_id) note: \(.authorized_credential_note) type: \(.credential_type) scopes: \((.scopes // ["None"]) | join(", "))"' +# gh api --paginate /orgs/$org/credential-authorizations --jq='.[] | select(.credential_type == "personal access token" and .token_last_eight != null) | "login: \(.login) expiration: \(.authorized_credential_expires_at) ID: \(.credential_id) note: \(.authorized_credential_note) type: \(.credential_type) scopes: \((.scopes // ["None"]) | join(", "))"' diff --git a/gh-cli/get-sso-enabled-ssh-keys.sh b/gh-cli/get-sso-enabled-ssh-keys.sh index dd87f15..d56731c 100755 --- a/gh-cli/get-sso-enabled-ssh-keys.sh +++ b/gh-cli/get-sso-enabled-ssh-keys.sh @@ -1,12 +1,20 @@ #!/bin/bash +if [ -z "$1" ]; then + echo "Usage: $0 " + echo "Example: ./get-sso-enabled-pats.sh my-org" + exit 1 +fi + +org="$1" + # more info: # - https://github.blog/changelog/2019-04-09-credential-authorizations-api/ # - https://github.blog/changelog/2021-11-09-expiration-dates-of-saml-authorized-pats-available-via-api/ # - https://docs.github.com/en/enterprise-cloud@latest/rest/orgs/orgs?apiVersion=2022-11-28#list-saml-sso-authorizations-for-an-organization # credential_type: personal access token, SSH key, OAuth app token, GitHub app token -gh api --paginate /orgs/githubcustomers/credential-authorizations --jq='.[] | select(.credential_type == "SSH key")' +gh api --paginate /orgs/$org/credential-authorizations --jq='.[] | select(.credential_type == "SSH key")' # old - raw text output, 1 per line -# gh api --paginate /orgs/githubcustomers/credential-authorizations --jq='.[] | select(.credential_type == "SSH key") | "login: \(.login) ID: \(.credential_id) title: \(.authorized_credential_title) type: \(.credential_type)"' +# gh api --paginate /orgs/$org/credential-authorizations --jq='.[] | select(.credential_type == "SSH key") | "login: \(.login) ID: \(.credential_id) title: \(.authorized_credential_title) type: \(.credential_type)"'