awskeyring 1.8.5 → 1.9.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: df8b15491f307691db7f25727bdc12f5a90ba71b816e6b14b14a71bdbd53c594
-  data.tar.gz: af3cc61ea5c8c44025254b5fb9a90a087e67a2c556f7391006acc188ab5be214
+  metadata.gz: ab7e97d00115352839c4d8e0824bb600df50322cab8fc819236635ff17235c3b
+  data.tar.gz: bc9f08082c31fe1fdc130506ccab07f782b78b55aa8b55d45b51d2c93305a9fc
 SHA512:
-  metadata.gz: c20ade29e6499e0fa836cb7532dd1dd8776659ed7c3e69cc905c6ea34ae5a46b3af24320a94781996af7cdbb0cc4e69fabe86259d7aaa99048b577c5a9a09208
-  data.tar.gz: 547a0ad97e0e38b7b6e61d7b8275ab75c18a114d83a540de293c410cd4835f4a429bf829863e62fce4c8350ece488d0d4d4a0571c17b9e1a0b97b4416eaa51e2
+  metadata.gz: 200fd3d71505cb09266c76ff58ed9ad09ed671353b3df800aa774e68e482e4f02d87304cd5af59a978f084493da97352b10eed7fa47fa3aafad7a4aabdbfdd26
+  data.tar.gz: e0e114ab4d902e2ca79d571a34b88fd7d600abd322e6a98a2e44bd90f8b705a2d9571e9175fd3481e8666986d78b78e7de8c4b3038cd3e3744d5b61c60c0323f

data/LICENSE.txt

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2017-2021 Tristan Morgan
+Copyright (c) 2016-2021 Tristan Morgan
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/Rakefile

@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 
 require 'bundler/gem_tasks'
-require 'rspec/core/rake_task'
 require 'rubocop/rake_task'
 require 'ronn'
 require 'github_changelog_generator/task'
@@ -40,7 +39,7 @@ task :filemode do
   files.merge(dirs).each do |file|
     mode = File.stat(file).mode
     print '.'
-    failure << file if (mode & 0x7) != (mode >> 3 & 0x7)
+    failure << file if (mode & 0x7) != ((mode >> 3) & 0x7)
   end
   abort "\nError: Incorrect file mode found\n#{failure.join("\n")}" unless failure.empty?
   print "\n"
@@ -49,8 +48,9 @@ end
 desc 'generate manpage'
 task :ronn do
   puts 'Running Ronn...'
-  roff_text = Ronn::Document.new('man/awskeyring.5.ronn').to_roff
-  File.write('man/awskeyring.5', roff_text)
+  doc = Ronn::Document.new('man/awskeyring.5.ronn')
+  doc.date = Time.parse(`git show -s --format=%ad --date=short`)
+  File.write('man/awskeyring.5', doc.to_roff)
   puts "done\n\n"
 end
 

data/awskeyring.gemspec

@@ -26,6 +26,7 @@ Gem::Specification.new do |spec|
     'bug_tracker_uri' => "#{Awskeyring::HOMEPAGE}/issues",
     'changelog_uri' => "#{Awskeyring::HOMEPAGE}/blob/main/CHANGELOG.md",
     'documentation_uri' => "https://rubydoc.info/gems/#{spec.name}/#{Awskeyring::VERSION}",
+    'rubygems_mfa_required' => 'true',
     'source_code_uri' => "#{Awskeyring::HOMEPAGE}/tree/v#{Awskeyring::VERSION}",
     'wiki_uri' => "#{Awskeyring::HOMEPAGE}/wiki"
   }

data/lib/awskeyring/awsapi.rb

@@ -209,7 +209,7 @@ module Awskeyring
     # Get the signin token param
     private_class_method def self.token_param(session_json:)
       get_signin_token_url = AWS_SIGNIN_URL + '?Action=getSigninToken' \
-                             '&Session=' + CGI.escape(session_json)
+                                              '&Session=' + CGI.escape(session_json)
 
       uri       = URI(get_signin_token_url)
       request   = Net::HTTP.new(uri.host, uri.port)

data/lib/awskeyring/credential_provider.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require 'aws-sdk-core'
+require 'awskeyring'
+
+module Awskeyring
+  # Provide a credential provider for use as a library, eg.
+  #     require 'awskeyring/credential_provider'
+  #     client = Aws::STS::Client.new(
+  #       credentials: Awskeyring::CredentialProvider.new("company-acc")
+  #     )
+  class CredentialProvider
+    include Aws::CredentialProvider
+
+    attr_accessor :account
+
+    def initialize(account)
+      @account = account
+    end
+
+    # returns a new Aws::Credentials object
+    def credentials
+      cred = Awskeyring.get_valid_creds(account: account)
+      Aws::Credentials.new(cred[:key],
+                           cred[:secret],
+                           cred[:token])
+    end
+  end
+end

data/lib/awskeyring/validate.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'base64'
+
 # Awskeyring Module,
 # gives you an interface to access keychains and items.
 module Awskeyring
@@ -27,7 +29,11 @@ module Awskeyring
     #
     # @param [String] aws_secret_access_key The aws_secret_access_key
     def self.secret_access_key(aws_secret_access_key)
-      raise 'Secret Access Key is not 40 chars' if aws_secret_access_key.length != 40
+      begin
+        raise 'Invalid Secret Access Key' unless Base64.strict_decode64(aws_secret_access_key).length == 30
+      rescue ArgumentError
+        raise 'Invalid Secret Access Key'
+      end
 
       aws_secret_access_key
     end

data/lib/awskeyring/version.rb

@@ -6,7 +6,7 @@ require 'json'
 # Version const and query of latest.
 module Awskeyring
   # The Gem's version number
-  VERSION = '1.8.5'
+  VERSION = '1.9.3'
   # The Gem's homepage
   HOMEPAGE = 'https://github.com/servian/awskeyring'
 

data/lib/awskeyring.rb

@@ -52,6 +52,7 @@ module Awskeyring # rubocop:disable Metrics/ModuleLength
     prefs = {
       awskeyring: awskeyring,
       keyage: DEFAULT_KEY_AGE,
+      browser: DEFAULT_BROWSER_LIST,
       console: DEFAULT_CONSOLE_LIST
     }
     File.new(Awskeyring::PREFS_FILE, 'w').write JSON.dump(prefs)
@@ -97,6 +98,17 @@ module Awskeyring # rubocop:disable Metrics/ModuleLength
     all_items.where(account: account).first
   end
 
+  # return item that matches a prefix if only one.
+  def self.solo_select(list, prefix)
+    return prefix if list.include?(prefix)
+
+    list.select! { |elem| elem.start_with?(prefix) }
+
+    return list.first if list.length == 1
+
+    nil
+  end
+
   # Add an account item
   #
   # @param [String] account The account name to create
@@ -317,7 +329,7 @@ module Awskeyring # rubocop:disable Metrics/ModuleLength
   # @param [String] account_name the associated account name.
   def self.account_exists(account_name)
     Awskeyring::Validate.account_name(account_name)
-    raise 'Account does not exist' unless list_account_names.include?(account_name)
+    raise 'Account does not exist' unless (account_name = solo_select(list_account_names, account_name))
 
     account_name
   end
@@ -347,7 +359,7 @@ module Awskeyring # rubocop:disable Metrics/ModuleLength
   # @param [String] role_name the associated role name.
   def self.role_exists(role_name)
     Awskeyring::Validate.role_name(role_name)
-    raise 'Role does not exist' unless list_role_names.include?(role_name)
+    raise 'Role does not exist' unless (role_name = solo_select(list_role_names, role_name))
 
     role_name
   end
@@ -367,7 +379,7 @@ module Awskeyring # rubocop:disable Metrics/ModuleLength
   # @param [String] token_name the associated account name.
   def self.token_exists(token_name)
     Awskeyring::Validate.account_name(token_name)
-    raise 'Token does not exist' unless list_token_names.include?(token_name)
+    raise 'Token does not exist' unless (token_name = solo_select(list_token_names, token_name))
 
     token_name
   end

data/lib/awskeyring_command.rb

@@ -16,7 +16,6 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
   I18n.backend.load_translations
 
   map %w[--version -v] => :__version
-  map %w[--help -h] => :help
   map 'adr' => :add_role
   map 'assume-role' => :token
   map 'ls' => :list
@@ -125,7 +124,8 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
   # Print JSON for use with credential_process
   def json(account)
     account = ask_check(
-      existing: account, message: I18n.t('message.account'), validator: Awskeyring.method(:account_exists)
+      existing: account, message: I18n.t('message.account'), validator: Awskeyring.method(:account_exists),
+      limited_to: Awskeyring.list_account_names
     )
     cred = age_check_and_get(account: account, no_token: options['no-token'])
     expiry = Time.at(cred[:expiry]) unless cred[:expiry].nil?
@@ -133,7 +133,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
       key: cred[:key],
       secret: cred[:secret],
       token: cred[:token],
-      expiry: (expiry || Time.new + Awskeyring::Awsapi::ONE_HOUR).iso8601
+      expiry: (expiry || (Time.new + Awskeyring::Awsapi::ONE_HOUR)).iso8601
     )
   end
 
@@ -177,11 +177,15 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
   method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
   method_option 'no-bundle', type: :boolean, aliases: '-b', desc: I18n.t('method_option.nobundle'), default: false
   # execute an external command with env set
-  def exec(account, *command)
+  def exec(account, *command) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
     if command.empty?
       warn I18n.t('message.exec')
       exit 1
     end
+    account = ask_check(
+      existing: account, message: I18n.t('message.account'), validator: Awskeyring.method(:account_exists),
+      limited_to: Awskeyring.list_account_names
+    )
     cred = age_check_and_get(account: account, no_token: options['no-token'])
     env_vars = Awskeyring::Awsapi.get_env_array(cred)
     unbundle if options['no-bundle']
@@ -491,15 +495,13 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
 
   # catch the command from prefixes and aliases
   def sub_command(comp_lines)
-    return '' if comp_lines.nil? || comp_lines.length < 2
-
-    sub_cmd = comp_lines[1].tr('-', '_')
+    return '' if comp_lines.length < 2
 
-    sub_cmds = self.class.all_commands.keys.select { |elem| elem.start_with?(sub_cmd) }
+    sub_cmd = comp_lines[1]
 
-    return sub_cmds.first if sub_cmds.length == 1
+    return self.class.map[sub_cmd].to_s if self.class.map.key? sub_cmd
 
-    self.class.map[sub_cmd].to_s
+    (Awskeyring.solo_select(list_commands, sub_cmd) || '').tr('-', '_')
   end
 
   # given a type return the right list for completions

data/man/awskeyring.5

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "AWSKEYRING" "5" "June 2021" "" ""
+.TH "AWSKEYRING" "5" "January 2022" "" ""
 .
 .SH "NAME"
 \fBAwskeyring\fR \- is a small tool to manage AWS account keys in the macOS Keychain

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: awskeyring
 version: !ruby/object:Gem::Version
-  version: 1.8.5
+  version: 1.9.3
 platform: ruby
 authors:
 - Tristan Morgan
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-06-29 00:00:00.000000000 Z
+date: 2022-01-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-iam
@@ -82,6 +82,7 @@ files:
 - i18n/en.yml
 - lib/awskeyring.rb
 - lib/awskeyring/awsapi.rb
+- lib/awskeyring/credential_provider.rb
 - lib/awskeyring/input.rb
 - lib/awskeyring/validate.rb
 - lib/awskeyring/version.rb
@@ -93,8 +94,9 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/servian/awskeyring/issues
   changelog_uri: https://github.com/servian/awskeyring/blob/main/CHANGELOG.md
-  documentation_uri: https://rubydoc.info/gems/awskeyring/1.8.5
-  source_code_uri: https://github.com/servian/awskeyring/tree/v1.8.5
+  documentation_uri: https://rubydoc.info/gems/awskeyring/1.9.3
+  rubygems_mfa_required: 'true'
+  source_code_uri: https://github.com/servian/awskeyring/tree/v1.9.3
   wiki_uri: https://github.com/servian/awskeyring/wiki
 post_install_message: 
 rdoc_options: []
@@ -111,7 +113,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.0.3.1
 signing_key: 
 specification_version: 4
 summary: Manages AWS credentials in the macOS keychain