prx-ruby-aws-creds 0.1.5 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ed94648d600229b366a248af0a7d0c82dcca1817c5db84cdc3f5cd72e871d32f
-  data.tar.gz: 0b5b0dd0f266e0698d64717cbaf2d5abf900994619956eb4ce2c0ad36340dde3
+  metadata.gz: cce824dd97bacb1eccc3f4c4613b45293c19b7d4bc5daa459dc7b92ab079c589
+  data.tar.gz: 1a5926a825795f2139f7359a333e5ecbb7a98bad19b3c3a7cb93f074fe679c99
 SHA512:
-  metadata.gz: fdeba274d5fdf1c7f2adeafe3ef60b8db6c6e2e0e3383b8ced727ca08f2c620e399e3a482b3a388d7bf34d391370a082c0c2e5238a0474018a820ab3bcc52d0e
-  data.tar.gz: a790aa26d3d5f536c901266683739390a55f64904ed11b4c2d34a27617423aa3a1e8f984f9e2ab8e63c5985cdb7cce1584ce052315007f8ba2387ca4f84c1a1e
+  metadata.gz: ffabc5525944d2bbe2fe016414942327a158802fec52d06cc721423b1d811e2decd622e58b5a967cac02480f1c6806bbb167a17587bff849dc986af59cbff66b
+  data.tar.gz: 497b5a132f0aef4249991a9fd1b5d11ee848c7de766bdeec8712c70aa8c78ba175fa97ebf53a0d735deb4a568aa279603d1732d308d8e001f3df2e1fa5e38005

data/lib/prx-ruby-aws-creds.rb

@@ -11,6 +11,27 @@ require "aws-sdk-sso"
 CACHE_DIRECTORY = "#{Dir.home}/.aws/ruby/cache"
 AWS_CONFIG_FILE = ENV["AWS_CONFIG_FILE"] || "#{Dir.home}/.aws/config"
 
+# Normally IniFile tries to be clever about detecting number values in the file
+# and casting them to Integers and Floats. This breaks on a value like
+# 048723829744, becuase Integer() tries to treat that as an octal, but fails
+# since it includes 8s and 9s, but Float(048723829744) treats it like a decimal
+# and returns 48723829744.0. Even if Integer() didn't fail it would drop the
+# leading zero. We need to just treat these values as strings, so this gets
+# rid of the fancy typecasting.
+class IniFile
+  class Parser
+    def typecast(value)
+      case value
+      when %r{\Atrue\z}i then true
+      when %r{\Afalse\z}i then false
+      when %r{\A\s*\z}i then nil
+      else
+        unescape_value(value)
+      end
+    end
+  end
+end
+
 class PrxRubyAwsCreds
   class << self
     # The cache key is based on the parameters used to request temporary
@@ -59,11 +80,20 @@ class PrxRubyAwsCreds
       aws_config_file = IniFile.load(AWS_CONFIG_FILE)
       aws_config_file_section = aws_config_file["profile #{profile_name}"]
 
+      if aws_config_file["sso_session"]
+        sso_session_name = aws_config_file["sso_session"]
+        sso_session_section = aws_config_file["sso-session #{sso_session_name}"]
+
+        sso_start_url = sso_session_section["sso_start_url"]
+      else
+        sso_start_url = aws_config_file_section["sso_start_url"]
+      end
+
       # The selected profile does not use SSO
-      return if !aws_config_file_section["sso_start_url"]
+      return if !sso_start_url
 
       # Get the SSO start URL for the selected profile
-      profile_start_url = aws_config_file_section["sso_start_url"]
+      profile_start_url = sso_start_url
 
       sso_access_token = sso_get_cached_access_token(profile_start_url)
 
@@ -123,7 +153,7 @@ class PrxRubyAwsCreds
       aws_config_file = IniFile.load(AWS_CONFIG_FILE)
       aws_config_file_section = aws_config_file["profile #{profile_name}"]
 
-      if aws_config_file_section["sso_role_name"]
+      if aws_config_file_section["sso_role_name"] || aws_config_file_section["sso_session"]
         # For SSO profiles, call GetRoleCredentials with a role, account, and
         # access token to get back a set of temporary credentials.
         # https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: prx-ruby-aws-creds
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.2.0
 platform: ruby
 authors:
 - Christopher Kalafarski
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-07-14 00:00:00.000000000 Z
+date: 2023-10-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inifile