Browse code
bug: make open web console work reliably
Ed Langley authored on 23/12/2019 21:02:17Showing 4 changed files
| ... | ... |
@@ -67,17 +67,23 @@ |
| 67 | 67 |
|
| 68 | 68 |
(defgeneric execute-action (action interface) |
| 69 | 69 |
(:method ((action (eql :|Open Web Console|)) (interface mfa-tool)) |
| 70 |
- (open-url (signin-url interface))) |
|
| 70 |
+ (let* ((credentials (current-credentials interface)) |
|
| 71 |
+ (parser (fw.lu:new 'sts-result-handler credentials)) |
|
| 72 |
+ (federation-url (url parser)) |
|
| 73 |
+ (signin-token (gethash "SigninToken" |
|
| 74 |
+ (yason:parse |
|
| 75 |
+ (dexador:get federation-url))))) |
|
| 76 |
+ (open-url (url-from-signin-token signin-token)))) |
|
| 71 | 77 |
(:method ((action (eql :|Authorize iTerm|)) (interface mfa-tool)) |
| 72 |
- (uiop:run-program (format nil "osascript '~a'" |
|
| 73 |
- (probe-file |
|
| 74 |
- (merge-pathnames (make-pathname :name "AuthorizeShell" :type "scpt") |
|
| 78 |
+ (uiop:run-program (format nil "osascript '~a'" |
|
| 79 |
+ (probe-file |
|
| 80 |
+ (merge-pathnames (make-pathname :name "AuthorizeShell" :type "scpt") |
|
| 75 | 81 |
(bundle-resource-root)))))) |
| 76 | 82 |
(:method ((action (eql :|Cloudformation Stacks|)) (interface mfa-tool)) |
| 77 |
- (let ((stack-interface (make-instance 'mfa-tool.stack:stack-interface |
|
| 78 |
- :credentials (current-credentials interface)))) |
|
| 79 |
- (mfa-tool.store:dispatch stack-interface :|Get Stacks|) |
|
| 80 |
- (capi:display stack-interface))) |
|
| 83 |
+ (let ((stack-interface (make-instance 'mfa-tool.stack:stack-interface |
|
| 84 |
+ :credentials (current-credentials interface)))) |
|
| 85 |
+ (mfa-tool.store:dispatch stack-interface :|Get Stacks|) |
|
| 86 |
+ (capi:display stack-interface))) |
|
| 81 | 87 |
(:method ((action (eql :|Lisp REPL|)) (interface mfa-tool)) |
| 82 | 88 |
(capi:contain (make-instance 'capi:listener-pane) |
| 83 | 89 |
:best-width 1280 |
| ... | ... |
@@ -171,11 +177,11 @@ |
| 171 | 177 |
*accounts* (reprocess-accounts (load-accounts accounts)) |
| 172 | 178 |
aws:*session* (mfa-tool.credential-provider:make-aws-session)) |
| 173 | 179 |
(ubiquitous:restore :cj.mfa-tool) |
| 174 |
- (interface :default-account |
|
| 180 |
+ (interface :default-account |
|
| 175 | 181 |
(ubiquitous:value :default-account))) |
| 176 | 182 |
|
| 177 | 183 |
(defun start-in-repl |
| 178 |
- (&optional (accounts (asdf:system-relative-pathname :aws-access "accounts" |
|
| 184 |
+ (&optional (accounts (asdf:system-relative-pathname :aws-access "assets/accounts" |
|
| 179 | 185 |
:type "json"))) |
| 180 | 186 |
(run accounts)) |
| 181 | 187 |
|
| ... | ... |
@@ -33,21 +33,24 @@ |
| 33 | 33 |
(yason:encode params s)) |
| 34 | 34 |
:space-to-plus t))) |
| 35 | 35 |
|
| 36 |
-(cells:defmodel |
|
| 37 |
- sts-result-handler () |
|
| 38 |
- ((api-result :initarg :api-result :accessor api-result :initform (cells:c-in nil)) |
|
| 39 |
- (credentials :reader credentials |
|
| 40 |
- :initform (cells:c? (serapeum:assocdr "Credentials" (^api-result) |
|
| 41 |
- :test 'equal))) |
|
| 36 |
+(cells:defmodel sts-result-handler () |
|
| 37 |
+ ((credentials :accessor credentials :initarg :credentials |
|
| 38 |
+ :initform (cells:c-in nil)) |
|
| 42 | 39 |
(session-id :reader session-id |
| 43 |
- :initform (cells:c? (serapeum:assocadr "AccessKeyId" (^credentials) |
|
| 44 |
- :test 'equal))) |
|
| 40 |
+ :initform (cells:c? (typecase (^credentials) |
|
| 41 |
+ (aws:credentials (aws-sdk/credentials/base:credentials-access-key-id (^credentials))) |
|
| 42 |
+ (cons (serapeum:assocadr "AccessKeyId" (^credentials) |
|
| 43 |
+ :test 'equal))))) |
|
| 45 | 44 |
(session-key :reader session-key |
| 46 |
- :initform (cells:c? (serapeum:assocadr "SecretAccessKey" (^credentials) |
|
| 47 |
- :test 'equal))) |
|
| 45 |
+ :initform (cells:c? (typecase (^credentials) |
|
| 46 |
+ (aws:credentials (aws-sdk/credentials/base:credentials-secret-access-key (^credentials))) |
|
| 47 |
+ (cons (serapeum:assocadr "SecretAccessKey" (^credentials) |
|
| 48 |
+ :test 'equal))))) |
|
| 48 | 49 |
(session-token :reader session-token |
| 49 |
- :initform (cells:c? (serapeum:assocadr "SessionToken" (^credentials) |
|
| 50 |
- :test 'equal))) |
|
| 50 |
+ :initform (cells:c? (typecase (^credentials) |
|
| 51 |
+ (aws:credentials (aws-sdk/credentials/base:credentials-session-token (^credentials))) |
|
| 52 |
+ (cons (serapeum:assocadr "SessionToken" (^credentials) |
|
| 53 |
+ :test 'equal))))) |
|
| 51 | 54 |
(url-params :reader url-params |
| 52 | 55 |
:initform (cells:c? (fw.lu:alist-string-hash-table |
| 53 | 56 |
`(("sessionId" . ,(^session-id))
|
| ... | ... |
@@ -93,8 +96,10 @@ |
| 93 | 96 |
:test-function (lambda (c) |
| 94 | 97 |
(and (find-restart 'continue) |
| 95 | 98 |
(typep c 'aws:no-credentials))))) |
| 96 |
- (let* ((api-result (cells:c-in (do-auth user role token))) |
|
| 97 |
- (parser (make-instance 'sts-result-handler :api-result api-result)) |
|
| 99 |
+ (let* ((api-result (do-auth user role token)) |
|
| 100 |
+ (parser (make-instance 'sts-result-handler |
|
| 101 |
+ :credentials (serapeum:assocdr "Credentials" api-result |
|
| 102 |
+ :test 'equal))) |
|
| 98 | 103 |
(federation-url (url parser)) |
| 99 | 104 |
(signin-token (gethash "SigninToken" |
| 100 | 105 |
(yason:parse |