prx-ruby-aws-creds 0.1.6 → 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/prx-ruby-aws-creds.rb +11 -8
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 55c1ea017630660be48bf6f7d9eece87c6ddb490b061caa2aaaa833c931d4422
|
4
|
+
data.tar.gz: 490b11e27dd3308cd440e1958c042ba2995dfdd0a28c85cdf4e91428e2096922
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d7e8f2ed835e8c6587ea19bd5b72819f95093d721bb1b02ef95a4cf0dab1aa9d7bead2f855c5f15ca3f35bc0d37d309ee173ebc6780464a5c3a6f3a426c40b0d
|
7
|
+
data.tar.gz: d4184c77fe9849bfadbfba679f68c897acff29133994253ae871cd00af132ae509b895f2dc5d9a158c11eebbe262bd36ec040b8b2f376905635e6e962b8ccd11
|
data/lib/prx-ruby-aws-creds.rb
CHANGED
@@ -20,11 +20,11 @@ AWS_CONFIG_FILE = ENV["AWS_CONFIG_FILE"] || "#{Dir.home}/.aws/config"
|
|
20
20
|
# rid of the fancy typecasting.
|
21
21
|
class IniFile
|
22
22
|
class Parser
|
23
|
-
def typecast(
|
23
|
+
def typecast(value)
|
24
24
|
case value
|
25
|
-
when %r
|
26
|
-
when %r
|
27
|
-
when %r
|
25
|
+
when %r{\Atrue\z}i then true
|
26
|
+
when %r{\Afalse\z}i then false
|
27
|
+
when %r{\A\s*\z}i then nil
|
28
28
|
else
|
29
29
|
unescape_value(value)
|
30
30
|
end
|
@@ -80,11 +80,13 @@ class PrxRubyAwsCreds
|
|
80
80
|
aws_config_file = IniFile.load(AWS_CONFIG_FILE)
|
81
81
|
aws_config_file_section = aws_config_file["profile #{profile_name}"]
|
82
82
|
|
83
|
+
sso_start_url = aws_config_file_section["sso_session"] ? aws_config_file["sso-session #{aws_config_file_section["sso_session"]}"]["sso_start_url"] : aws_config_file_section["sso_start_url"]
|
84
|
+
|
83
85
|
# The selected profile does not use SSO
|
84
|
-
return if !
|
86
|
+
return if !sso_start_url
|
85
87
|
|
86
88
|
# Get the SSO start URL for the selected profile
|
87
|
-
profile_start_url =
|
89
|
+
profile_start_url = sso_start_url
|
88
90
|
|
89
91
|
sso_access_token = sso_get_cached_access_token(profile_start_url)
|
90
92
|
|
@@ -144,13 +146,14 @@ class PrxRubyAwsCreds
|
|
144
146
|
aws_config_file = IniFile.load(AWS_CONFIG_FILE)
|
145
147
|
aws_config_file_section = aws_config_file["profile #{profile_name}"]
|
146
148
|
|
147
|
-
if aws_config_file_section["sso_role_name"]
|
149
|
+
if aws_config_file_section["sso_role_name"] || aws_config_file_section["sso_session"]
|
148
150
|
# For SSO profiles, call GetRoleCredentials with a role, account, and
|
149
151
|
# access token to get back a set of temporary credentials.
|
150
152
|
# https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html
|
151
153
|
# https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/SSO/Client.html#get_role_credentials-instance_method
|
154
|
+
sso_region = aws_config_file_section["sso_session"] ? aws_config_file["sso-session #{aws_config_file_section["sso_session"]}"]["sso_region"] : aws_config_file_section["sso_region"]
|
152
155
|
opts = sso_get_role_options(profile_name)
|
153
|
-
sso = Aws::SSO::Client.new(region:
|
156
|
+
sso = Aws::SSO::Client.new(region: sso_region)
|
154
157
|
credentials = sso.get_role_credentials(opts)
|
155
158
|
|
156
159
|
# Cache the credentials. The structure of this file doesn't exactly
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: prx-ruby-aws-creds
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1
|
4
|
+
version: 0.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Christopher Kalafarski
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-10-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: inifile
|