Class: AwsAssumeRole::Cli::Actions::Console

Inherits:
AbstractAction show all
Includes:
Logging, Ui
Defined in:
lib/aws_assume_role/cli/actions/console.rb

Constant Summary collapse

FEDERATION_URL =
"https://signin.aws.amazon.com/federation".freeze
CONSOLE_URL =
"https://console.aws.amazon.com".freeze
GENERIC_SIGNIN_URL =
"https://signin.aws.amazon.com/console".freeze
SIGNIN_URL =
[FEDERATION_URL, "?Action=getSigninToken", "&Session=%s"].join
LOGIN_URL =
[FEDERATION_URL, "?Action=login", "&Destination=%s", "&SigninToken=%s"].join
CommandSchema =
proc do
    required(:profile).maybe
    optional(:region) { filled? > format?(REGION_REGEX) }
    optional(:serial_number) { filled? > format?(MFA_REGEX) }
    required(:role_arn).maybe
    required(:role_session_name).maybe
    required(:duration_seconds).maybe
    rule(role_specification: %i[profile role_arn role_session_name duration_seconds]) do |p, r, s, d|
        (p.filled? | p.empty? & r.filled?) & (r.filled? > s.filled? & d.filled?)
    end
end

Constants included from AwsAssumeRole

AwsAssumeRole::Config, DefaultProvider, VERSION

Constants included from Types

Types::ACCESS_KEY_REGEX, Types::ACCESS_KEY_VALIDATOR, Types::ARN_REGEX, Types::Credentials, Types::Dry, Types::EXTERNAL_ID_REGEX, Types::MFA_REGEX, Types::MfaSerial, Types::REGION_REGEX, Types::REGION_VALIDATOR, Types::ROLE_REGEX, Types::ROLE_SESSION_NAME_REGEX, Types::Region, Types::SECRET_ACCESS_KEY_REGEX, Types::SECRET_ACCESS_KEY_VALIDATOR

Instance Method Summary collapse

Methods included from Logging

included

Methods included from Ui

ask_with_validation, error, input, out, pastel, show_validation_errors, t, validation_errors_to_s

Methods included from AwsAssumeRole

shared_config

Methods inherited from AbstractAction

#initialize

Constructor Details

This class inherits a constructor from AwsAssumeRole::Cli::Actions::AbstractAction

Instance Method Details

#act_on(config) ⇒ Object


60
61
62
63
64
65
66
67
# File 'lib/aws_assume_role/cli/actions/console.rb', line 60

def act_on(config)
    final_url = try_federation(config) || try_switch_url(config) || CONSOLE_URL
    Launchy.open final_url
rescue KeyError, Aws::Errors::NoSuchProfileError
    error format(t("errors.NoSuchProfileError"), config.profile)
rescue Aws::Errors::MissingCredentialsError
    error t("errors.MissingCredentialsError")
end

#session_json(credentials) ⇒ Object


39
40
41
42
43
44
45
# File 'lib/aws_assume_role/cli/actions/console.rb', line 39

def session_json(credentials)
    {
        sessionId: credentials.credentials.access_key_id,
        sessionKey: credentials.credentials.secret_access_key,
        sessionToken: credentials.credentials.session_token,
    }.to_json
end

#try_federation(config) ⇒ Object


28
29
30
31
32
33
34
35
36
37
# File 'lib/aws_assume_role/cli/actions/console.rb', line 28

def try_federation(config)
    credentials = try_for_credentials config.to_h
    return unless credentials.set?
    session = session_json(credentials)
     = format SIGNIN_URL, CGI.escape(session)
    sso_token = JSON.parse(URI.parse().read)["SigninToken"]
    format LOGIN_URL, CGI.escape(CONSOLE_URL), CGI.escape(sso_token)
rescue OpenURI::HTTPError
    error "Error getting federated session, forming simple switch URL instead"
end

#try_switch_url(config) ⇒ Object

Raises:

  • (Aws::Errors::NoSuchProfileError)

47
48
49
50
51
52
53
54
55
56
57
58
# File 'lib/aws_assume_role/cli/actions/console.rb', line 47

def try_switch_url(config)
    profile = AwsAssumeRole.shared_config.determine_profile(profile_name: config.profile)
    config_section = AwsAssumeRole.shared_config.parsed_config[profile]
    raise Aws::Errors::NoSuchProfileError if config_section.nil?
    resolved_role_arn = config.role_arn || config_section.fetch("role_arn", nil)
    return unless resolved_role_arn
    components = resolved_role_arn.split(":")
     = components[4]
    role = components[5].split("/").last
    display_name = config.profile || "#{}_#{role}"
    format "https://signin.aws.amazon.com/switchrole?account=%s&roleName=%s&displayName=%s", , role, display_name
end