From 614aa609f86048ab4c7d284d7b0113a719c9f5b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C4=81nis=20Jansons?= Date: Fri, 16 Jun 2023 03:35:15 +0300 Subject: [PATCH] Adjusted for use with SwiftBar --- bitbar-openconnect.6s.sh | 22 +++++++++++++++----- run-vpn.sh | 44 +++++++++++++++++++++------------------- swiftbar-vpn-plugin.sh | 44 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 84 insertions(+), 26 deletions(-) create mode 100755 swiftbar-vpn-plugin.sh diff --git a/bitbar-openconnect.6s.sh b/bitbar-openconnect.6s.sh index a4756e9..fe2a197 100755 --- a/bitbar-openconnect.6s.sh +++ b/bitbar-openconnect.6s.sh @@ -14,7 +14,14 @@ # Displays status of a VPN interface with option to connect/disconnect. # http://i.imgur.com/RkmptwO.png -VPN_CONNECTED="ifconfig | grep -E -A1 tun | grep inet" +VPN_CONNECTED="" + +if [[ "$OSTYPE" == "darwin"* ]]; then + VPN_CONNECTED="ifconfig | egrep -A1 utun3 | grep inet" +fi +if [[ "$OSTYPE" == "linux-gnu"* ]]; then + VPN_CONNECTED="ifconfig | grep -E -A1 tun | grep inet" +fi function notify(){ if [[ "$OSTYPE" == "darwin"* ]]; then @@ -33,11 +40,16 @@ case "$1" in connect) notify "Connecting..." - # For Linux desktop use DBUS to use keychain - export DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS - cd $SCRIPT_LOCATION - sudo --preserve-env $SCRIPT_LOCATION/run-vpn.sh &>> $LOG_FILE & + + if [[ "$OSTYPE" == "darwin"* ]]; then + sudo $SCRIPT_LOCATION/run-vpn.sh &> $LOG_FILE & + fi + if [[ "$OSTYPE" == "linux-gnu"* ]]; then + # For Linux desktop use DBUS to use keychain + export DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS + sudo --preserve-env $SCRIPT_LOCATION/run-vpn.sh &> $LOG_FILE & + fi until eval "$VPN_CONNECTED"; do sleep 1; done notify "Connected!" diff --git a/run-vpn.sh b/run-vpn.sh index f110db0..d790435 100755 --- a/run-vpn.sh +++ b/run-vpn.sh 
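Review bot: `VPN_CONNECTED` stays empty when `$OSTYPE` matches neither `darwin*` nor `linux-gnu*`, and `eval ""` returns 0, so the `until eval "$VPN_CONNECTED"` loop in the connect branch would exit at once and announce "Connected!" with no tunnel up. The darwin probe also pins the interface to `utun3`; macOS assigns utun numbers as interfaces are created, so that index may belong to another service or the VPN may come up on a different one, and the menu would then show the wrong tunnel state. Add a fallback such as `else echo "unsupported OSTYPE: $OSTYPE" >&2; exit 1` and consider reading the interface name from a variable; the same `utun3` literal is repeated in swiftbar-vpn-plugin.sh. `grep -E` would match the Linux line, since `egrep` is deprecated.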
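Review bot: Both new `sudo` lines redirect with `&>` where the old line used `&>>`, so every connect now truncates `$LOG_FILE` and the output of earlier sessions, including failed attempts, is lost; keep `&>>` unless the truncation is intended. `$SCRIPT_LOCATION` and `$LOG_FILE` are also unquoted in a command that runs as root, so a path containing spaces would split into separate words. On the Linux branch `--preserve-env` hands the caller's whole environment to the root script although the comment only asks for the D-Bus address; if run-vpn.sh reads nothing else from the environment (not visible in this hunk), `sudo --preserve-env=DBUS_SESSION_BUS_ADDRESS "$SCRIPT_LOCATION/run-vpn.sh" &>> "$LOG_FILE" &` narrows that. The `case` block continues outside the hunk.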
@@ -51,6 +51,8 @@ function ctrl_c() { SCRIPT_INCLUDE="" LOGIN="" +COMMON_PARAMS="--pid-file=PIDFILE --no-external-auth " + echo "Connecting to VPN" if test -f "$ROUTE_FILE"; then @@ -69,30 +71,30 @@ if [[ -z "$OC_YUBIKEY" ]]; then LOGIN='find /run/oc-secret/login -exec cat {} \; -exec rm {} \; -exec umount /run/oc-secret \;' else TOTP=$(oathtool --totp=sha1 -b "$SEED") - LOGIN='echo -e "$PASSWORD\n$TOTP' + LOGIN='echo -e "$PASSWORD\n$TOTP"' fi fi else YUBIKEY_TOTP="--token-mode=yubioath --token-secret=$OC_YUBIKEY" fi -if [ -z "$SEED" ] && [ -z "$OC_YUBIKEY" ]; then - openconnect \ - --pid-file=PIDFILE \ - --csd-wrapper hostscan-bypass.sh \ - --os=mac-intel \ - --no-external-auth \ - $SCRIPT_INCLUDE \ - -u $USERNAME \ - $SERVER -else - eval $LOGIN | openconnect \ - --pid-file=PIDFILE \ - --csd-wrapper hostscan-bypass.sh \ - --os=mac-intel \ - --no-external-auth \ - $YUBIKEY_TOTP \ - $SCRIPT_INCLUDE \ - -u $USERNAME \ - $SERVER -fi + if [ -z "$SEED" ] && [ -z "$OC_YUBIKEY" ]; then + sudo openconnect \ + $COMMON_PARAMS \ + --csd-wrapper hostscan-bypass.sh \ + --os=mac-intel \ + $SCRIPT_INCLUDE \ + -u $USERNAME \ + $SERVER + + else + + eval $LOGIN | sudo openconnect \ + $COMMON_PARAMS \ + --csd-wrapper hostscan-bypass.sh \ + --os=mac-intel \ + $YUBIKEY_TOTP \ + $SCRIPT_INCLUDE \ + -u $USERNAME \ + $SERVER + fi diff --git a/swiftbar-vpn-plugin.sh b/swiftbar-vpn-plugin.sh new file mode 100755 index 0000000..0910e2a --- /dev/null +++ b/swiftbar-vpn-plugin.sh 
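Review bot: `COMMON_PARAMS` is a space-separated string that only works because it is later expanded unquoted; a bash array keeps the options as separate words without relying on word splitting: `COMMON_PARAMS=(--pid-file=PIDFILE --no-external-auth)`, used as `"${COMMON_PARAMS[@]}"` in the two `openconnect` calls of the next hunk. The value `PIDFILE` looks like the placeholder from the option's help text carried over literally; if a pid file is wanted, an absolute path would be clearer than a name relative to the working directory.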
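Review bot: The repaired `LOGIN='echo -e "$PASSWORD\n$TOTP"'` still sends the password through `echo -e`, which interprets backslash sequences, so a password containing `\n`, `\t` or `\c` reaches openconnect altered; `LOGIN='printf "%s\n%s\n" "$PASSWORD" "$TOTP"'` together with `eval "$LOGIN"` passes it through unchanged. The `sudo` added in front of both `openconnect` calls looks redundant, since the plugins already start this script through `sudo`; dropping it keeps the privilege request in one place. `--csd-wrapper hostscan-bypass.sh` is a relative path looked up from the working directory by a process started as root, so an absolute path built from the script's own location would not depend on the caller's `cd`. The enclosing `if` starts above the hunk.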
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+# Get current status of a VPN connection with options to connect/disconnect.
+# Working with OpenConnect, but can work with any executable VPN. Commands
+# that require admin permissions should be whitelisted with 'visudo', e.g.:
+#
+#joesmith ALL=(ALL) NOPASSWD: /path/to/always-on-openconnect-vpn/run-vpn.sh
+#joesmith ALL=(ALL) NOPASSWD: /usr/bin/killall -2 openconnect
+
+# VPN Status
+# v1.0
+# Jesse Jarzynka
+# jessejoe
+# Displays status of a VPN interface with option to connect/disconnect.
+# http://i.imgur.com/RkmptwO.png
+
+VPN_CONNECTED="ifconfig | egrep -A1 utun3 | grep inet"
+
+case "$1" in
+ connect)
+ terminal-notifier -title "VPN" -message "Connecting..." -sender "SwiftBar"
+ cd /path/to/always-on-openconnect-vpn/
+ sudo /path/to/always-on-openconnect-vpn/run-vpn.sh &> /tmp/vpn.log &
+ until eval "$VPN_CONNECTED"; do sleep 1; done
+ terminal-notifier -title "VPN" -message "Connected!" -sender "SwiftBar"
+ ;;
+ disconnect)
+ eval "sudo killall -2 openconnect"
+ until [ -z "$(eval "$VPN_CONNECTED")" ]; do sleep 1; done
+ terminal-notifier -title "VPN" -message "Disconnected" -sender "SwiftBar"
+ ;;
+esac
+
+if [ -n "$(eval "$VPN_CONNECTED")" ]; then
+ echo "VPN ✔"
+ echo '---'
+ echo "Disconnect VPN | bash='$0' param1=disconnect terminal=false refresh=true"
+ exit
+else
+ echo "VPN ✘"
+ echo '---'
+ echo "Connect VPN | bash='$0' param1=connect terminal=false refresh=true"
+ exit
+fi
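Review bot: The header recommends a `NOPASSWD` sudoers rule for `/path/to/always-on-openconnect-vpn/run-vpn.sh` without saying who may own that file; if the script or its directory is writable by the login user, as an ordinary checkout would be, anything running as that user can edit it and gain root without a password. Add a header line such as `# run-vpn.sh and its directory must be owned by root and not writable by your user, or the NOPASSWD rule amounts to passwordless root`. The connect branch also writes to the fixed name `/tmp/vpn.log` in a shared directory and truncates it with `&>` on each connect; a log under the user's own directory, for example `"$HOME/Library/Logs/vpn.log"`, avoids another local user pre-creating or reading it. `eval "sudo killall -2 openconnect"` needs no `eval`.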