Config

.gitignore

@@ -85,4 +85,6 @@ dist/
 .fusebox/
 
 # DynamoDB Local files
-.dynamodb/
+.dynamodb/
+.aider*
+.tool-versions

README.md

@@ -34,15 +34,21 @@ npm install
 ## Setup
 
 Some API calls require authentication or parameters, such as a user's ID to get a person's Leadership History
-`/advancements/youth/${userId}/leadershipPositionHistory`. These are configured as shell variables in the config file,
+`/advancements/youth/${userId}/leadershipPositionHistory`. These are configured as shell variables using the authentication script,
 [config.sh](config.sh).
 
-| Variable | Description |
-|----------|-------------|
-| userId | User ID of the person. Not the same as Member ID. |
-| TOKEN | JWT token for authentication to protected endpoints. [docs/authentication.md](docs/authentication.md) |
-
-Some tests will fail if you do not change the default values in the config file.
+To set up authentication:
+1. Export your my.scouting.org credentials as environment variables and then source the script:
+   ```shell
+   export SCOUT_USERNAME=<username>
+   export SCOUT_PASSWORD=<password>
+   source config.sh
+   ```
+2. This will automatically set the required environment variables:
+   - `userId`: User ID of the person (automatically fetched)
+   - `TOKEN`: JWT token for authentication (automatically fetched)
+
+Some tests will fail if you do not set up authentication using the config.sh script.
 
 ## Usage
 

api.scouting.org-command.sh

@@ -1,5 +1,14 @@
 #!/usr/bin/env bash
 
+# Check if authentication is set up
+if [ -z "$TOKEN" ] || [ -z "$userId" ]; then
+    echo "Error: Authentication not set up. Please run:"
+    echo "export SCOUT_USERNAME=<username>"
+    echo "export SCOUT_PASSWORD=<password>"
+    echo "source config.sh"
+    exit 1
+fi
+
 # shellcheck disable=SC1091
 source config.sh
 

config.sh

@@ -1,7 +1,62 @@
-#!/usr/bin/sh
+#!/usr/bin/env bash
 
-# User ID of the person. Not the same as Member ID.
-userId="12345"
+# Save and set safe shell options
+SAVED_OPTIONS="$(set +o)"
+set -uo pipefail
+trap 'eval "$SAVED_OPTIONS"' RETURN
 
-# JWT token for authentication to protected endpoints. [docs/authentication.md](docs/authentication.md)
-TOKEN="value"
+# This script must be sourced to set environment variables in the parent shell.
+# Usage:
+#   export SCOUT_USERNAME=<username>
+#   export SCOUT_PASSWORD=<password>
+#   source config.sh
+
+# Ensure the username and password are provided via environment variables
+if [ -z "${SCOUT_USERNAME:-}" ] || [ -z "${SCOUT_PASSWORD:-}" ]; then
+    echo "Error: SCOUT_USERNAME and SCOUT_PASSWORD must be set before sourcing this script."
+    return 1  # Use 'return' instead of 'exit' to avoid killing the parent shell
+fi
+
+# Verify dependencies
+for cmd in curl jq; do
+    if ! command -v "$cmd" >/dev/null 2>&1; then
+        echo "Error: $cmd is required but not installed." >&2
+        return 1
+    fi
+done
+unset cmd  # Unset the loop variable for cleanliness
+
+# Construct the login URL dynamically based on the username
+LOGIN_URL="https://my.scouting.org/api/users/${SCOUT_USERNAME}/authenticate"
+
+# Send the login request using curl
+RESPONSE=$(curl -s --fail -X POST "$LOGIN_URL" \
+    -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" \
+    -H "Content-Type: application/x-www-form-urlencoded" \
+    -H "Accept: application/json; version=2" \
+    --data-urlencode "password=$SCOUT_PASSWORD")
+
+# Extract the Bearer token and userId from the JSON response using jq
+BEARER_TOKEN=$(echo "$RESPONSE" | jq -r '.token')
+USER_ID=$(echo "$RESPONSE" | jq -r '.account.userId')
+
+# Check if the token and userId were found
+if [ "$BEARER_TOKEN" != "null" ] && [ "$USER_ID" != "null" ]; then
+    # Set the environment variables
+    export userId="$USER_ID"
+    export TOKEN="$BEARER_TOKEN"
+
+    # Optionally output the variables for debugging
+    # echo "Bearer Token: $TOKEN"
+    # echo "User ID: $USER_ID"
+
+    # Unset intermediate variables for cleanliness
+    unset RESPONSE
+    unset BEARER_TOKEN
+    unset USER_ID
+    unset SCOUT_USERNAME
+    unset SCOUT_PASSWORD
+else
+    echo "Failed to retrieve Bearer token or User ID."
+    return 1
+fi

docs/authentication.md

@@ -1,16 +1,30 @@
-
 # Authentication and Authorization
 
 Describes authentication and authorization.
 
 ## Obtaining a JWT Token
 
-- Log into Scoutbook or Internet Advancement
-- Open your browser's Web Developer Console
-- Look at the Network tab and find a HTTP request to api.scouting.org
-- Look at the request headers and find the Authorization header
-- Copy the token
-- Update the variable `TOKEN` in the config file `config.sh`.
+There are two ways to obtain a JWT token:
+
+### Automatic Method (Recommended)
+Use the `config.sh` script which automatically fetches the token:
+```shell
+export SCOUT_USERNAME=<username>
+export SCOUT_PASSWORD=<password>
+source config.sh
+```
+
+### Manual Method
+If you need to manually obtain a token:
+1. Log into Scoutbook or Internet Advancement
+2. Open your browser's Web Developer Console
+3. Look at the Network tab and find a HTTP request to api.scouting.org
+4. Look at the request headers and find the Authorization header
+5. Copy the token
+6. Set it as an environment variable:
+   ```shell
+   export TOKEN="your-token-here"
+   ```
 
 ## JWT Token Schema
 

generate_markdown.sh

@@ -2,6 +2,8 @@
 
 echo "| Variable | Description |"
 echo "|----------|-------------|"
+echo "| userId | User ID of the person (automatically fetched from my.scouting.org) |"
+echo "| TOKEN | JWT token for authentication (automatically fetched from my.scouting.org) |"
 
 # Read the config file line by line
 while IFS= read -r line; do

package.json

@@ -7,6 +7,9 @@
     "openapi-update": "optic capture api.scouting.org/openapi.yaml --update interactive"
   },
   "dependencies": {
-    "optic": "^0.1.0"
+    "csv-writer": "^1.6.0",
+    "fs": "^0.0.1-security",
+    "optic": "^0.1.0",
+    "path": "^0.12.7"
   }
 }