git.fiddlerwoaroof.com
Browse code

feature: restarts around credential handling

Edward Langley authored on 11/10/2019 01:57:30
Showing 1 changed files
src/domain.lisp
History View file @ 32ddc77
... ... 
@@ -36,7 +36,8 @@
36 36 
                                  :token-code token))
37 37 
         (change-mfa-token (new-token)
38 38 
           :interactive read-new-mfa-token
39 
-          (setf token new-token))))))
39 
+          (setf token new-token))
40 
+        (continue ())))))
40 41
41 42 
 (defun change-mfa-token (new-value)
42 43 
   (when (find-restart 'change-mfa-token)
... ... 
@@ -82,15 +83,41 @@
82 83 
   (format nil "https://signin.aws.amazon.com/federation?Action=login&Destination=https%3A%2F%2Fconsole.aws.amazon.com&SigninToken=~a"
83 84 
           signin-token))
84 85
86 
+(defun read-new-aws-credentials ()
87 
+  (serapeum:collecting
88 
+    (fresh-line *query-io*)
89 
+    (format *query-io* "Access Key?")
90 
+    (finish-output *query-io*)
91 
+    (collect (read-line *query-io*))
92 
+    (format *query-io* "Secret Access Key?")
93 
+    (finish-output *query-io*)
94 
+    (collect (read-line *query-io*))))
95 
+
85 96 
 (defun run-process (account user token)
86 
-  (let* ((api-result (cells:c-in (do-auth user "CJDeveloperAccessRole" token account)))
87 
-         (parser (make-instance 'sts-result-handler :api-result api-result))
88 
-         (federation-url (url parser))
89 
-         (signin-token (gethash "SigninToken"
90 
-                                (yason:parse
91 
-                                 (dexador:get federation-url)))))
92 
-    (values signin-token
93 
-            parser)))
97 
+  (loop
98 
+    (restart-bind ((set-aws-credentials (lambda (access-key-id secret-access-key)
99 
+                                          (setf aws:*session*
100 
+                                                (aws:make-session :credentials (aws:make-credentials
101 
+                                                                                :access-key-id access-key-id
102 
+                                                                                :secret-access-key secret-access-key
103 
+                                                                                :session-token nil
104 
+                                                                                :provider-name "restart-provider")))
105 
+                                          (continue))
106 
+                                        :interactive-function 'read-new-aws-credentials
107 
+                                        :report-function (lambda (s)
108 
+                                                           (princ "Supply new AWS credentials" s))
109 
+                                        :test-function (lambda (c)
110 
+                                                         (and (find-restart 'continue)
111 
+                                                              (typep c 'aws:no-credentials)))))
112 
+      (let* ((api-result (cells:c-in (do-auth user "CJDeveloperAccessRole" token account)))
113 
+             (parser (make-instance 'sts-result-handler :api-result api-result))
114 
+             (federation-url (url parser))
115 
+             (signin-token (gethash "SigninToken"
116 
+                                    (yason:parse
117 
+                                     (dexador:get federation-url)))))
118 
+        (return-from run-process
119 
+          (values signin-token
120 
+                  parser))))))
94 121
95 122 
 (defun open-url (url)
96 123 
   (capi:contain (make-instance 'capi:browser-pane