This repository has been archived by the owner on Jun 7, 2023. It is now read-only.
/*
Copyright 2019 D2L Corporation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package bmx
import (
"encoding/json"
"fmt"
"log"
"github.com/rtkwlf/bmx/console"
"github.com/rtkwlf/bmx/saml/identityProviders"
"github.com/aws/aws-sdk-go/service/sts"
"github.com/rtkwlf/bmx/saml/serviceProviders"
)
// Values recognised in PrintCmdOptions.Output. printCommand switches on them
// to decide how the credentials are rendered; any other value falls through
// to printDefaultFormat.
const (
	// Bash renders the credentials as `export NAME=value` lines.
	Bash = "bash"
	// Powershell renders the credentials as `$env:NAME='value'` assignments.
	Powershell = "powershell"
	// Json renders the credentials through encoding/json.
	Json = "json"
)
// PrintCmdOptions carries the inputs of the print command.
//
// The struct holds a plaintext password, so avoid formatting a whole value
// with %v/%+v into logs or error messages.
type PrintCmdOptions struct {
	// Org is copied into serviceProviders.UserInfo.Org.
	// NOTE(review): presumably the identity-provider organisation; confirm.
	Org string
	// User is the login name. Print fills it in through getUserIfEmpty and
	// also passes it as the last argument of AssumeRole.
	User string
	// Account is copied into serviceProviders.UserInfo.Account.
	Account string
	// NoMask is copied into serviceProviders.UserInfo.NoMask.
	// NOTE(review): presumably disables masking of the password prompt; confirm.
	NoMask bool
	// Password is copied into serviceProviders.UserInfo.Password as-is.
	Password string
	// Role is handed to selectRoleFromSaml to choose the role to use.
	Role string
	// Output selects the rendering; see the Bash, Powershell and Json constants.
	Output string
	// AssumeRole, when non-empty, makes Print call awsProvider.AssumeRole with
	// this value after the first set of credentials has been obtained.
	AssumeRole string
	// Factor is copied into serviceProviders.UserInfo.Factor.
	// NOTE(review): presumably the MFA factor to use; confirm.
	Factor string
}
// GetUserInfoFromPrintCmdOptions copies the identity-related fields of
// printOptions into a serviceProviders.UserInfo.
//
// Output and AssumeRole are not copied, so only Org, User, Account, NoMask,
// Password, Role and Factor reach the returned value. The password is carried
// over unchanged.
func GetUserInfoFromPrintCmdOptions(printOptions PrintCmdOptions) serviceProviders.UserInfo {
	var info serviceProviders.UserInfo

	info.Org = printOptions.Org
	info.User = printOptions.User
	info.Account = printOptions.Account
	info.NoMask = printOptions.NoMask
	info.Password = printOptions.Password
	info.Role = printOptions.Role
	info.Factor = printOptions.Factor

	return info
}
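// Print authenticates the user against idProvider, selects a role from the
// resulting SAML assertion, obtains credentials from awsProvider and returns
// them rendered in the format named by printOptions.Output.
//
// When printOptions.AssumeRole is set, the first credentials are exchanged for
// those of that role before rendering.
//
// Every failure ends the process through log.Fatal; the function does not
// return an error. The returned string contains the secret access key and the
// session token in clear text, so callers should hand it only to the intended
// consumer and keep it out of logs.
func Print(idProvider identityProviders.IdentityProvider, awsProvider serviceProviders.ServiceProvider, consolerw console.ConsoleReader, printOptions PrintCmdOptions) string {
	// Resolve the user name before building UserInfo; it is reused below as
	// the last argument of AssumeRole.
	printOptions.User = getUserIfEmpty(consolerw, printOptions.User)
	user := GetUserInfoFromPrintCmdOptions(printOptions)

	saml, err := authenticate(user, idProvider, consolerw)
	if err != nil {
		log.Fatal(err)
	}

	role, err := selectRoleFromSaml(saml, printOptions.Role, awsProvider, consolerw)
	if err != nil {
		log.Fatal(err)
	}

	creds := awsProvider.GetCredentials(saml, role)
	if printOptions.AssumeRole != "" {
		creds, err = awsProvider.AssumeRole(*creds, printOptions.AssumeRole, printOptions.User)
		if err != nil {
			// Keep the provider's error in the message: without it a denied
			// request, an expired session and a malformed role identifier
			// all produce the same text.
			log.Fatal(fmt.Errorf("Could not assume role %s with current permissions: %w", printOptions.AssumeRole, err))
		}
	}

	return printCommand(printOptions, creds)
}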
// printCommand renders creds in the format named by printOptions.Output.
// Powershell, Bash and Json each have their own renderer; every other value,
// including the empty string, goes to printDefaultFormat.
func printCommand(printOptions PrintCmdOptions, creds *sts.Credentials) string {
	switch format := printOptions.Output; format {
	case Json:
		return printJson(creds)
	case Bash:
		return printBash(creds)
	case Powershell:
		return printPowershell(creds)
	default:
		return printDefaultFormat(creds)
	}
}
// printPowershell renders the credentials as three `$env:` assignments on one
// line, separated by "; ".
//
// The result contains the secret access key and session token in clear text.
// Each value is placed between single quotes without escaping, so the output
// is well-formed only while the values contain no single quote.
// NOTE(review): confirm that holds for every provider behind ServiceProvider.
// The three pointer fields are dereferenced directly; a nil field panics.
func printPowershell(credentials *sts.Credentials) string {
	const layout = `$env:AWS_SESSION_TOKEN='%s'; $env:AWS_ACCESS_KEY_ID='%s'; $env:AWS_SECRET_ACCESS_KEY='%s'`

	sessionToken := *credentials.SessionToken
	accessKeyID := *credentials.AccessKeyId
	secretKey := *credentials.SecretAccessKey

	return fmt.Sprintf(layout, sessionToken, accessKeyID, secretKey)
}
// printBash renders the credentials as three newline-separated `export`
// statements, with no trailing newline.
//
// The result contains the secret access key and session token in clear text.
// The values are written unquoted, so the output is a safe shell fragment
// only while they contain no whitespace or shell metacharacters.
// NOTE(review): confirm that holds for every provider behind ServiceProvider.
// The three pointer fields are dereferenced directly; a nil field panics.
func printBash(credentials *sts.Credentials) string {
	const layout = "export AWS_SESSION_TOKEN=%s\nexport AWS_ACCESS_KEY_ID=%s\nexport AWS_SECRET_ACCESS_KEY=%s"

	sessionToken := *credentials.SessionToken
	accessKeyID := *credentials.AccessKeyId
	secretKey := *credentials.SecretAccessKey

	return fmt.Sprintf(layout, sessionToken, accessKeyID, secretKey)
}
// printJson returns the encoding/json serialization of credentials.
//
// The result contains whatever json.Marshal emits for sts.Credentials, secret
// values included. A marshalling failure ends the process through log.Fatal.
func printJson(credentials *sts.Credentials) string {
	payload, marshalErr := json.Marshal(credentials)
	if marshalErr == nil {
		return string(payload)
	}

	log.Fatal("Could not properly convert credentials into JSON")
	// Not reached in practice: log.Fatal exits. The return satisfies the compiler.
	return string(payload)
}