prx-ruby-aws-creds 0.1.6 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8e03288063d2999775ce03029bcbf2e3be1ff12095d90812dd22127058b1c7b2
-  data.tar.gz: d919adc2def0ebfe1469d3d1a58bb8d7b4fdb4227969a8cc03bd4d2f2e3b20dc
+  metadata.gz: 55c1ea017630660be48bf6f7d9eece87c6ddb490b061caa2aaaa833c931d4422
+  data.tar.gz: 490b11e27dd3308cd440e1958c042ba2995dfdd0a28c85cdf4e91428e2096922
 SHA512:
-  metadata.gz: abe3afa00b828ad17696254c05ba83ca446de9bb2679fd5aa57544b31fd17705f3b190688b4ee3ef46302b5d3f1e4617343cd4c1b5daf13c34cd56784bf63335
-  data.tar.gz: 4c173dbbfaeef9dc4e240418f327325335a8130000c425aef3bd261f7bb9e71a892f5af6661210b57b7ac8548a0a7e83295c2dfc3548ce92ecb37e00a4d98748
+  metadata.gz: d7e8f2ed835e8c6587ea19bd5b72819f95093d721bb1b02ef95a4cf0dab1aa9d7bead2f855c5f15ca3f35bc0d37d309ee173ebc6780464a5c3a6f3a426c40b0d
+  data.tar.gz: d4184c77fe9849bfadbfba679f68c897acff29133994253ae871cd00af132ae509b895f2dc5d9a158c11eebbe262bd36ec040b8b2f376905635e6e962b8ccd11

data/lib/prx-ruby-aws-creds.rb

@@ -20,11 +20,11 @@ AWS_CONFIG_FILE = ENV["AWS_CONFIG_FILE"] || "#{Dir.home}/.aws/config"
 # rid of the fancy typecasting.
 class IniFile
   class Parser
-    def typecast( value )
+    def typecast(value)
       case value
-      when %r/\Atrue\z/i;  true
-      when %r/\Afalse\z/i; false
-      when %r/\A\s*\z/i;   nil
+      when %r{\Atrue\z}i then true
+      when %r{\Afalse\z}i then false
+      when %r{\A\s*\z}i then nil
       else
         unescape_value(value)
       end
@@ -80,11 +80,13 @@ class PrxRubyAwsCreds
       aws_config_file = IniFile.load(AWS_CONFIG_FILE)
       aws_config_file_section = aws_config_file["profile #{profile_name}"]
 
+      sso_start_url = aws_config_file_section["sso_session"] ? aws_config_file["sso-session #{aws_config_file_section["sso_session"]}"]["sso_start_url"] : aws_config_file_section["sso_start_url"]
+
       # The selected profile does not use SSO
-      return if !aws_config_file_section["sso_start_url"]
+      return if !sso_start_url
 
       # Get the SSO start URL for the selected profile
-      profile_start_url = aws_config_file_section["sso_start_url"]
+      profile_start_url = sso_start_url
 
       sso_access_token = sso_get_cached_access_token(profile_start_url)
 
@@ -144,13 +146,14 @@ class PrxRubyAwsCreds
       aws_config_file = IniFile.load(AWS_CONFIG_FILE)
       aws_config_file_section = aws_config_file["profile #{profile_name}"]
 
-      if aws_config_file_section["sso_role_name"]
+      if aws_config_file_section["sso_role_name"] || aws_config_file_section["sso_session"]
         # For SSO profiles, call GetRoleCredentials with a role, account, and
         # access token to get back a set of temporary credentials.
         # https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html
         # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/SSO/Client.html#get_role_credentials-instance_method
+        sso_region = aws_config_file_section["sso_session"] ? aws_config_file["sso-session #{aws_config_file_section["sso_session"]}"]["sso_region"] : aws_config_file_section["sso_region"]
         opts = sso_get_role_options(profile_name)
-        sso = Aws::SSO::Client.new(region: aws_config_file_section["sso_region"])
+        sso = Aws::SSO::Client.new(region: sso_region)
         credentials = sso.get_role_credentials(opts)
 
         # Cache the credentials. The structure of this file doesn't exactly

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: prx-ruby-aws-creds
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.2.1
 platform: ruby
 authors:
 - Christopher Kalafarski
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-09-20 00:00:00.000000000 Z
+date: 2023-10-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inifile