Class: AwsAssumeRole::Cli::Actions::Console
- Inherits:
-
AbstractAction
- Object
- AbstractAction
- AwsAssumeRole::Cli::Actions::Console
- Defined in:
- lib/aws_assume_role/cli/actions/console.rb
Constant Summary collapse
- FEDERATION_URL =
"https://signin.aws.amazon.com/federation".freeze
- CONSOLE_URL =
"https://console.aws.amazon.com".freeze
- GENERIC_SIGNIN_URL =
"https://signin.aws.amazon.com/console".freeze
- SIGNIN_URL =
[FEDERATION_URL, "?Action=getSigninToken", "&Session=%s"].join
- LOGIN_URL =
[FEDERATION_URL, "?Action=login", "&Destination=%s", "&SigninToken=%s"].join
- CommandSchema =
proc do required(:profile).maybe optional(:region) { filled? > format?(REGION_REGEX) } optional(:serial_number) { filled? > format?(MFA_REGEX) } required(:role_arn).maybe required(:role_session_name).maybe required(:duration_seconds).maybe rule(role_specification: %i[profile role_arn role_session_name duration_seconds]) do |p, r, s, d| (p.filled? | p.empty? & r.filled?) & (r.filled? > s.filled? & d.filled?) end end
Constants included from AwsAssumeRole
AwsAssumeRole::Config, DefaultProvider, VERSION
Constants included from Types
Types::ACCESS_KEY_REGEX, Types::ACCESS_KEY_VALIDATOR, Types::ARN_REGEX, Types::Credentials, Types::Dry, Types::EXTERNAL_ID_REGEX, Types::MFA_REGEX, Types::MfaSerial, Types::REGION_REGEX, Types::REGION_VALIDATOR, Types::ROLE_REGEX, Types::ROLE_SESSION_NAME_REGEX, Types::Region, Types::SECRET_ACCESS_KEY_REGEX, Types::SECRET_ACCESS_KEY_VALIDATOR
Instance Method Summary collapse
- #act_on(config) ⇒ Object
- #session_json(credentials) ⇒ Object
- #try_federation(config) ⇒ Object
- #try_switch_url(config) ⇒ Object
Methods included from Logging
Methods included from Ui
ask_with_validation, error, input, out, pastel, show_validation_errors, t, validation_errors_to_s
Methods included from AwsAssumeRole
Methods inherited from AbstractAction
Constructor Details
This class inherits a constructor from AwsAssumeRole::Cli::Actions::AbstractAction
Instance Method Details
#act_on(config) ⇒ Object
62 63 64 65 66 67 68 69 |
# File 'lib/aws_assume_role/cli/actions/console.rb', line 62 def act_on(config) final_url = try_federation(config) || try_switch_url(config) || CONSOLE_URL Launchy.open final_url rescue KeyError, Aws::Errors::NoSuchProfileError error format(t("errors.NoSuchProfileError"), config.profile) rescue Aws::Errors::MissingCredentialsError error t("errors.MissingCredentialsError") end |
#session_json(credentials) ⇒ Object
41 42 43 44 45 46 47 |
# File 'lib/aws_assume_role/cli/actions/console.rb', line 41 def session_json(credentials) { sessionId: credentials.credentials.access_key_id, sessionKey: credentials.credentials.secret_access_key, sessionToken: credentials.credentials.session_token, }.to_json end |
#try_federation(config) ⇒ Object
30 31 32 33 34 35 36 37 38 39 |
# File 'lib/aws_assume_role/cli/actions/console.rb', line 30 def try_federation(config) credentials = try_for_credentials config.to_h return unless credentials.set? session = session_json(credentials) signin_url = format SIGNIN_URL, CGI.escape(session) sso_token = JSON.parse(URI.parse(signin_url).read)["SigninToken"] format LOGIN_URL, CGI.escape(CONSOLE_URL), CGI.escape(sso_token) rescue OpenURI::HTTPError error "Error getting federated session, forming simple switch URL instead" end |
#try_switch_url(config) ⇒ Object
49 50 51 52 53 54 55 56 57 58 59 60 |
# File 'lib/aws_assume_role/cli/actions/console.rb', line 49 def try_switch_url(config) profile = AwsAssumeRole.shared_config.determine_profile(profile_name: config.profile) config_section = AwsAssumeRole.shared_config.parsed_config[profile] raise Aws::Errors::NoSuchProfileError if config_section.nil? resolved_role_arn = config.role_arn || config_section.fetch("role_arn", nil) return unless resolved_role_arn components = resolved_role_arn.split(":") account = components[4] role = components[5].split("/").last display_name = config.profile || "#{account}_#{role}" format "https://signin.aws.amazon.com/switchrole?account=%s&roleName=%s&displayName=%s", account, role, display_name end |