Browse code
feat: add support utilities for authorizing a shell
Ed Langley authored on 21/08/2020 20:44:12
Showing 1 changed files
Showing 1 changed files
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,53 @@ |
1 |
+ensure-aws-creds() { |
|
2 |
+ if [[ -f "$HOME/.cj-aws" ]]; then |
|
3 |
+ source "$HOME/.cj-aws" |
|
4 |
+ export AWS_ACCESS_KEY_ID |
|
5 |
+ export AWS_SECRET_ACCESS_KEY |
|
6 |
+ export AWS_SESSION_TOKEN |
|
7 |
+ fi |
|
8 |
+} |
|
9 |
+ |
|
10 |
+cleanup-cred-file() { |
|
11 |
+ echo "Cleaning up old credentials." |
|
12 |
+ rm -f "$HOME/.cj-aws" |
|
13 |
+} |
|
14 |
+ |
|
15 |
+aws-end-session() { |
|
16 |
+ cleanup-cred-file |
|
17 |
+ |
|
18 |
+ unset AWS_ACCESS_KEY_ID |
|
19 |
+ unset AWS_SECRET_ACCESS_KEY |
|
20 |
+ unset AWS_SESSION_TOKEN |
|
21 |
+} |
|
22 |
+ |
|
23 |
+aws-open-console() { |
|
24 |
+ open "$(aws-get-url-inline)" |
|
25 |
+} |
|
26 |
+ |
|
27 |
+aws-get-url-inline() { |
|
28 |
+ python3 <<EOF |
|
29 |
+import http.client |
|
30 |
+import json |
|
31 |
+import urllib.parse |
|
32 |
+ |
|
33 |
+result = json.dumps({ |
|
34 |
+ "sessionId": "$AWS_ACCESS_KEY_ID", |
|
35 |
+ "sessionKey": "$AWS_SECRET_ACCESS_KEY", |
|
36 |
+ "sessionToken": "$AWS_SESSION_TOKEN" |
|
37 |
+}) |
|
38 |
+ |
|
39 |
+path = '/federation?Action=getSigninToken&Session=' + urllib.parse.quote_plus(result, safe="") |
|
40 |
+ |
|
41 |
+conn = http.client.HTTPSConnection("signin.aws.amazon.com") |
|
42 |
+conn.request("GET", path) |
|
43 |
+rq = conn.getresponse() |
|
44 |
+ |
|
45 |
+if rq.status != 200: |
|
46 |
+ raise Exception('request failed because %s', rq.reason) |
|
47 |
+ |
|
48 |
+data = json.load(rq) |
|
49 |
+signin_token = data['SigninToken'] |
|
50 |
+ |
|
51 |
+print('https://signin.aws.amazon.com/federation?Action=login&Destination=https%3A%2F%2Fconsole.aws.amazon.com&SigninToken='+signin_token) |
|
52 |
+EOF |
|
53 |
+} |