This script requires curl and jq to be installed.
This script handles all three steps of device login.
#!/usr/bin/env bash
set -euo pipefail
# 1. start a device login for a service
DATA=$(curl -s -X POST https://spotless.run/device/dnsimple \
--data-urlencode 'client_id=http://localhost')
# 2. Instruct a user to open the verification URL and approve in a browser
echo "Open $(jq -r '.verification_uri' <<< "$DATA") in any browser and enter: $(jq -r '.user_code' <<< "$DATA")"
# 3. poll the token endpoint until the user approves
DEVICE_CODE=$(jq -r '.device_code' <<< "$DATA")
INTERVAL=$(jq -r '.interval // 5' <<< "$DATA")
while :; do
sleep "$INTERVAL"
RESP=$(curl -s -X POST https://spotless.run/token \
--data-urlencode 'grant_type=urn:ietf:params:oauth:grant-type:device_code' \
--data-urlencode 'client_id=http://localhost' \
--data-urlencode "device_code=$DEVICE_CODE")
case "$(jq -r '.error // empty' <<< "$RESP")" in
"") jq -r '.access_token' <<< "$RESP"; break ;; # success
authorization_pending) ;; # keep waiting
slow_down) INTERVAL=$((INTERVAL + 5)) ;; # back off
*) echo "auth failed: $(jq -r '.error' <<< "$RESP")" >&2; exit 1 ;; # access_denied / expired_token / etc.
esac
done