sso

package
v1.17.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 10, 2024 License: GPL-3.0 Imports: 41 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	DEFAULT_AUTH_COLOR = "blue"
	DEFAULT_AUTH_ICON  = "fingerprint"
	VERIFY_MSG         = "\n\tVerify this code in your browser: %s\n"
)
View Source 
const (

	// The default values for ODIC defined in:
	// https://tools.ietf.org/html/draft-ietf-oauth-device-flow-15#section-3.5
	SLOW_DOWN_SEC  = 5
	RETRY_INTERVAL = 5
)
View Source 
const (
	CACHE_VERSION      = 4
	SLOW_FETCH_SECONDS = 2 // number of seconds before notifying users
)
View Source 
const (
	AWS_SSO_SESSION_EXPIRATION_FORMAT = "2006-01-02 15:04:05 -0700 MST"
	NIX_STORE_PREFIX                  = "/nix/store/"
)
View Source 
const DEFAULT_PROFILE_TEMPLATE = "{{.AccountIdPad}}:{{.RoleName}}"

Note: the Profile template uses the struct field names, not the header names!

Variables

View Source 
var DEFAULT_ACCOUNT_PRIMARY_TAGS []string = []string{
	"AccountName",
	"AccountAlias",
	"Email",
}
View Source 
var MAX_BACKOFF_SECONDS int = 5
View Source 
var MAX_RETRY_ATTEMPTS int = 10
View Source 
var PROMPT_COLORS map[string]prompt.Color = map[string]prompt.Color{
	"DefaultColor": prompt.DefaultColor,

	"Black":     prompt.Black,
	"DarkRed":   prompt.DarkRed,
	"DarkGreen": prompt.DarkGreen,
	"Brown":     prompt.Brown,
	"DarkBlue":  prompt.DarkBlue,
	"Purple":    prompt.Purple,
	"Cyan":      prompt.Cyan,
	"LightGrey": prompt.LightGray,

	"DarkGrey":  prompt.DarkGray,
	"Red":       prompt.Red,
	"Green":     prompt.Green,
	"Yellow":    prompt.Yellow,
	"Blue":      prompt.Blue,
	"Fuchsia":   prompt.Fuchsia,
	"Turquoise": prompt.Turquoise,
	"White":     prompt.White,
}
View Source 
var PROMPT_COLOR_FUNCS map[string]ColorOptionFunction = map[string]ColorOptionFunction{
	"OptionDescriptionBGColor":           prompt.OptionDescriptionBGColor,
	"OptionDescriptionTextColor":         prompt.OptionInputTextColor,
	"OptionInputBGColor":                 prompt.OptionInputBGColor,
	"OptionInputTextColor":               prompt.OptionInputTextColor,
	"OptionPrefixBackgroundColor":        prompt.OptionPrefixBackgroundColor,
	"OptionPrefixTextColor":              prompt.OptionPrefixTextColor,
	"OptionPreviewSuggestionBGColor":     prompt.OptionPreviewSuggestionBGColor,
	"OptionPreviewSuggestionTextColor":   prompt.OptionPreviewSuggestionTextColor,
	"OptionScrollbarBGColor":             prompt.OptionScrollbarBGColor,
	"OptionScrollbarThumbColor":          prompt.OptionScrollbarThumbColor,
	"OptionSelectedDescriptionBGColor":   prompt.OptionSelectedDescriptionBGColor,
	"OptionSelectedDescriptionTextColor": prompt.OptionSelectedSuggestionTextColor,
	"OptionSelectedSuggestionBGColor":    prompt.OptionSelectedSuggestionBGColor,
	"OptionSelectedSuggestionTextColor":  prompt.OptionSelectedSuggestionTextColor,
	"OptionSuggestionBGColor":            prompt.OptionSuggestionBGColor,
	"OptionSuggestionTextColor":          prompt.OptionSuggestionTextColor,
}

Functions

func GetLogger added in v1.7.5 

func GetLogger() *logrus.Logger

func SetLogger added in v1.7.5 

func SetLogger(l *logrus.Logger)

Types

type AWSAccount 

type AWSAccount struct {
	Alias         string              `json:"Alias,omitempty"` // from AWS
	Name          string              `json:"Name,omitempty"`  // from config
	EmailAddress  string              `json:"EmailAddress,omitempty"`
	Tags          map[string]string   `json:"Tags,omitempty"`
	Roles         map[string]*AWSRole `json:"Roles,omitempty"`
	DefaultRegion string              `json:"DefaultRegion,omitempty"`
}

AWSAccount and AWSRole is how we store the data

type AWSRole 

type AWSRole struct {
	Arn           string            `json:"Arn"`
	DefaultRegion string            `json:"DefaultRegion,omitempty"`
	Expires       int64             `json:"Expires,omitempty"` // Seconds since Unix Epoch
	Profile       string            `json:"Profile,omitempty"`
	Tags          map[string]string `json:"Tags,omitempty"`
	Via           string            `json:"Via,omitempty"`
}

type AWSRoleFlat 

type AWSRoleFlat struct {
	Id            int               `header:"Id"`
	AccountId     int64             `json:"AccountId" header:"AccountId"`
	AccountIdPad  string            `json:"-" header:"AccountIdPad"`
	AccountName   string            `json:"AccountName" header:"AccountName"`
	AccountAlias  string            `json:"AccountAlias" header:"AccountAlias"`
	EmailAddress  string            `json:"EmailAddress" header:"EmailAddress"`
	ExpiresEpoch  int64             `json:"Expires" header:"ExpiresEpoch"`
	Expires       string            `json:"-" header:"Expires"`
	Arn           string            `json:"Arn" header:"Arn"`
	RoleName      string            `json:"RoleName" header:"RoleName"`
	Profile       string            `json:"Profile" header:"Profile"`
	DefaultRegion string            `json:"DefaultRegion" header:"DefaultRegion"`
	SSO           string            `json:"SSO" header:"SSO"`
	SSORegion     string            `json:"SSORegion" header:"SSORegion"`
	StartUrl      string            `json:"StartUrl" header:"StartUrl"`
	Tags          map[string]string `json:"Tags"` // not supported by GenerateTable
	Via           string            `json:"Via,omitempty" header:"Via"`
}

This is what we always return for a role definition

func (*AWSRoleFlat) ExpiresIn 

func (r *AWSRoleFlat) ExpiresIn() (string, error)

ExpiresIn returns how long until this role expires as a string

func (*AWSRoleFlat) GetEnvVarTags added in v1.7.1 

func (r *AWSRoleFlat) GetEnvVarTags(s *Settings) map[string]string

GetEnvVarTags returns a map containing a set of keys represening the environment variable names and their values

func (AWSRoleFlat) GetHeader 

func (f AWSRoleFlat) GetHeader(fieldName string) (string, error)

func (*AWSRoleFlat) GetSortableField added in v1.11.0 

func (r *AWSRoleFlat) GetSortableField(fieldName string) (FlatField, error)

GetSortableField returns a FlatField for the given field. We do some mapping across fields so that this can be used for sorting.

func (*AWSRoleFlat) HasPrefix added in v1.9.2 

func (r *AWSRoleFlat) HasPrefix(field, prefix string) (bool, error)

HasPrefix determines if the given field starts with the value Tags, Expires and ExpiresEpoch are invalid

func (*AWSRoleFlat) IsExpired 

func (r *AWSRoleFlat) IsExpired() bool

IsExpired returns if this role has expired or has no creds available

func (*AWSRoleFlat) ProfileName added in v1.7.0 

func (r *AWSRoleFlat) ProfileName(s *Settings) (string, error)

RoleProfile returns either the user-defined Profile value for the role from the config.yaml or the generated Profile using the ProfileFormat template

type AWSSSO 

type AWSSSO struct {
	ClientName string                      `json:"ClientName"`
	ClientType string                      `json:"ClientType"`
	SsoRegion  string                      `json:"ssoRegion"`
	StartUrl   string                      `json:"startUrl"`
	ClientData storage.RegisterClientData  `json:"RegisterClient"`
	DeviceAuth storage.StartDeviceAuthData `json:"StartDeviceAuth"`
	Token      storage.CreateTokenResponse `json:"TokenResponse"`

	Accounts []AccountInfo         `json:"Accounts"`
	Roles    map[string][]RoleInfo `json:"Roles"` // key is AccountId

	SSOConfig *SSOConfig `json:"SSOConfig"`
	// contains filtered or unexported fields
}

func NewAWSSSO 

func NewAWSSSO(s *SSOConfig, store *storage.SecureStorage) *AWSSSO

func (*AWSSSO) Authenticate 

func (as *AWSSSO) Authenticate(urlAction url.Action, browser string) error

Authenticate retrieves an AWS SSO AccessToken from our cache or by making the necessary AWS SSO calls.

func (*AWSSSO) GetAccounts 

func (as *AWSSSO) GetAccounts() ([]AccountInfo, error)

GetAccounts queries AWS and returns a list of AWS accounts

func (*AWSSSO) GetRoleCredentials 

func (as *AWSSSO) GetRoleCredentials(accountId int64, role string) (storage.RoleCredentials, error)

GetRoleCredentials recursively does any sts:AssumeRole calls as necessary for role-chaining through `Via` and returns the final set of RoleCredentials for the requested role

func (*AWSSSO) GetRoles 

func (as *AWSSSO) GetRoles(account AccountInfo) ([]RoleInfo, error)

GetRoles fetches all the AWS SSO IAM Roles for the given AWS Account Code is running up to X Threads via cache.processSSORoles() and we must stricly protect reads & writes to our as.Roles[] dict

func (*AWSSSO) ListAccountRoles added in v1.12.0 

func (as *AWSSSO) ListAccountRoles(input *sso.ListAccountRolesInput) (*sso.ListAccountRolesOutput, error)

ListAccountRoles is a wrapper around sso.ListAccountRoles which does our retry logic

func (*AWSSSO) ListAccounts added in v1.12.0 

func (as *AWSSSO) ListAccounts(input *sso.ListAccountsInput) (*sso.ListAccountsOutput, error)

func (*AWSSSO) Logout added in v1.13.0 

func (as *AWSSSO) Logout() error

Logout performs an SSO logout with AWS and invalidates our SSO session

func (*AWSSSO) StoreKey 

func (as *AWSSSO) StoreKey() string

StoreKey returns the key in the cache for this AWSSSO instance

type AccountInfo 

type AccountInfo struct {
	Id           int    `yaml:"Id" json:"Id" header:"Id"`
	AccountId    string `yaml:"AccountId" json:"AccountId" header:"AccountId"`
	AccountName  string `yaml:"AccountName" json:"AccountName" header:"AccountName"`
	EmailAddress string `yaml:"EmailAddress" json:"EmailAddress" header:"EmailAddress"`
}

func (AccountInfo) GetAccountId64 

func (ai AccountInfo) GetAccountId64() int64

func (AccountInfo) GetHeader 

func (ai AccountInfo) GetHeader(fieldName string) (string, error)

type Cache 

type Cache struct {
	Version int64 `json:"Version"`

	ConfigCreatedAt int64                `json:"ConfigCreatedAt"` // track config.yaml
	SSO             map[string]*SSOCache `json:"SSO,omitempty"`
	// contains filtered or unexported fields
}

Our Cachefile. Sub-structs defined in sso/cache.go

func OpenCache 

func OpenCache(f string, s *Settings) (*Cache, error)

func (*Cache) AddHistory 

func (c *Cache) AddHistory(item string)

AddHistory adds a role ARN to the History list up to the max number of entries and then removes the History tag from any roles that aren't in our list

func (*Cache) CacheFile 

func (c *Cache) CacheFile() string

func (*Cache) Expired 

func (c *Cache) Expired(s *SSOConfig) error

Expired returns if our Roles cache data is too old. If configFile is a valid file, we check the lastModificationTime of that file vs. the ConfigCreatedAt to determine if the cache needs to be updated

func (*Cache) GetAllTagsSelect 

func (c *Cache) GetAllTagsSelect() *tags.TagsList

returns all tags, but with with spaces replaced with underscores

func (*Cache) GetRole 

func (c *Cache) GetRole(arn string) (*AWSRoleFlat, error)

GetRole returns the AWSRoleFlat for the given role ARN

func (*Cache) GetRoleTagsSelect 

func (c *Cache) GetRoleTagsSelect() *RoleTags

GetRoleTagsSelect returns all the tags for each role with all the spaces replaced with underscores

func (*Cache) GetSSO added in v1.6.1 

func (c *Cache) GetSSO() *SSOCache

GetSSO returns the current SSOCache object for the current SSO instance

func (*Cache) MarkRolesExpired 

func (c *Cache) MarkRolesExpired() error

MarkRolesExpired marks all IAM role credentials in the cache as expired

func (*Cache) NewRoles 

func (c *Cache) NewRoles(as *AWSSSO, config *SSOConfig, threads int) (*Roles, error)

Merges the AWS SSO and our Config file to create our Roles struct which is defined in cache_roles.go

func (*Cache) PruneSSO added in v1.10.0 

func (c *Cache) PruneSSO(settings *Settings)

pruneSSO removes any SSO instances that are no longer configured

func (*Cache) Refresh 

func (c *Cache) Refresh(sso *AWSSSO, config *SSOConfig, ssoName string, threads int) error

Refresh updates our cached Roles based on AWS SSO & our Config but does not save this data!

func (*Cache) Save 

func (c *Cache) Save(updateTime bool) error

Save saves our cache to the current file

func (*Cache) SetRoleExpires 

func (c *Cache) SetRoleExpires(arn string, expires int64) error

SetRoleExpires updates the Expires time in the cache. expires is Unix epoch time in sec

type ColorOptionFunction 

type ColorOptionFunction func(prompt.Color) prompt.Option

type DeviceAuthInfo 

type DeviceAuthInfo struct {
	VerificationUri         string
	VerificationUriComplete string
	UserCode                string
}

type FlatField added in v1.10.0 

type FlatField struct {
	Sval string
	Ival int64
	Type FlatFieldType
}

type FlatFieldType added in v1.10.0 

type FlatFieldType int
const (
	Serr FlatFieldType = iota
	Sval
	Ival
)

type OverrideSettings 

type OverrideSettings struct {
	Browser    string
	DefaultSSO string
	LogLevel   string
	LogLines   bool
	UrlAction  url.Action
	Threads    int
}

type ProfileConfig added in v1.8.0 

type ProfileConfig struct {
	Arn             string
	BinaryPath      string
	ConfigVariables map[string]interface{}
	DefaultRegion   string
	Open            string
	Profile         string
	Sso             string
}

type ProfileMap added in v1.8.0 

type ProfileMap map[string]map[string]ProfileConfig

func (*ProfileMap) IsDuplicate added in v1.8.0 

func (p *ProfileMap) IsDuplicate(newProfile string) bool

func (*ProfileMap) UniqueCheck added in v1.8.0 

func (p *ProfileMap) UniqueCheck(s *Settings) error

UniqueCheck verifies that all of the profiles are unique

type PromptColors 

type PromptColors struct {
	DescriptionBGColor           string
	DescriptionTextColor         string
	InputBGColor                 string
	InputTextColor               string
	PrefixBackgroundColor        string
	PrefixTextColor              string
	PreviewSuggestionBGColor     string
	PreviewSuggestionTextColor   string
	ScrollbarBGColor             string
	ScrollbarThumbColor          string
	SelectedDescriptionBGColor   string
	SelectedDescriptionTextColor string
	SelectedSuggestionBGColor    string
	SelectedSuggestionTextColor  string
	SuggestionBGColor            string
	SuggestionTextColor          string
}

type RoleInfo 

type RoleInfo struct {
	Id           int    `yaml:"Id" json:"Id" header:"Id"`
	Arn          string `yaml:"-" json:"-" header:"Arn"`
	RoleName     string `yaml:"RoleName" json:"RoleName" header:"RoleName"`
	AccountId    string `yaml:"AccountId" json:"AccountId" header:"AccountId"`
	AccountName  string `yaml:"AccountName" json:"AccountName" header:"AccountName"`
	EmailAddress string `yaml:"EmailAddress" json:"EmailAddress" header:"EmailAddress"`
	Expires      int64  `yaml:"Expires" json:"Expires" header:"Expires"`
	Profile      string `yaml:"Profile" json:"Profile" header:"Profile"`
	Region       string `yaml:"Region" json:"Region" header:"Region"`
	SSORegion    string `header:"SSORegion"`
	StartUrl     string `header:"StartUrl"`
	Via          string `header:"Via"`
}

func (RoleInfo) GetAccountId64 added in v1.9.6 

func (ri RoleInfo) GetAccountId64() int64

func (RoleInfo) GetHeader 

func (ri RoleInfo) GetHeader(fieldName string) (string, error)

func (RoleInfo) RoleArn 

func (ri RoleInfo) RoleArn() string

type RoleTags 

type RoleTags map[string]map[string]string // ARN => TagKey => Value

RoleTags provides an interface to find roles which match a set of tags

func (*RoleTags) GetMatchCount 

func (r *RoleTags) GetMatchCount(tags map[string]string) int

func (*RoleTags) GetMatchingRoles 

func (r *RoleTags) GetMatchingRoles(tags map[string]string) []string

GetMatchingRoles returns the roles which match all the tags

func (*RoleTags) GetPossibleUniqueRoles 

func (r *RoleTags) GetPossibleUniqueRoles(tags map[string]string, key string, values []string) []string

GetPossibleMatches is like GetMatchingRoles, but takes another key and a list of values and it returns the unique set of all roles which match the base tags and all the possible combnations of key/values

func (*RoleTags) GetRoleTags 

func (r *RoleTags) GetRoleTags(role string) map[string]string

func (*RoleTags) UsefulTags 

func (r *RoleTags) UsefulTags(tags map[string]string) []string

UsefulTags takes a map of tag key/value pairs and returns a list of tag keys which result in additional filtering

type Roles 

type Roles struct {
	Accounts      map[int64]*AWSAccount `json:"Accounts"`
	SSORegion     string                `json:"SSORegion"`
	StartUrl      string                `json:"StartUrl"`
	DefaultRegion string                `json:"DefaultRegion"`
	// contains filtered or unexported fields
}

main struct holding all our Roles discovered via AWS SSO and via the config.yaml

func (*Roles) AccountIds 

func (r *Roles) AccountIds() []int64

AccountIds returns all the configured AWS SSO AccountIds

func (*Roles) GetAccountRoles 

func (r *Roles) GetAccountRoles(accountId int64) map[string]*AWSRoleFlat

GetAccountRoles returns all the roles for a given account

func (*Roles) GetAllRoles 

func (r *Roles) GetAllRoles() []*AWSRoleFlat

AllRoles returns all the Roles as a flat list

func (*Roles) GetAllTags 

func (r *Roles) GetAllTags() *tags.TagsList

GetAllTags returns all the unique key/tag pairs for every role

func (*Roles) GetRole 

func (r *Roles) GetRole(accountId int64, roleName string) (*AWSRoleFlat, error)

Role returns the specified role as an AWSRoleFlat

func (*Roles) GetRoleByProfile added in v1.7.0 

func (r *Roles) GetRoleByProfile(profileName string, s *Settings) (*AWSRoleFlat, error)

GetRoleByProfile is just like GetRole(), but selects the role based on the Profile

func (*Roles) GetRoleChain 

func (r *Roles) GetRoleChain(accountId int64, roleName string) []*AWSRoleFlat

GetRoleChain figures out the AssumeRole chain required to assume the given role

func (*Roles) GetRoleTags 

func (r *Roles) GetRoleTags() *RoleTags

GetRoleTags returns all the tags for each role

func (*Roles) MatchingRoles 

func (r *Roles) MatchingRoles(tags map[string]string) []*AWSRoleFlat

MatchingRoles returns all the roles matching the given tags

func (*Roles) MatchingRolesWithTagKey 

func (r *Roles) MatchingRolesWithTagKey(key string) []*AWSRoleFlat

MatchingRolesWithTagKey returns the roles that have the tag key

type SSOAccount 

type SSOAccount struct {
	Name          string              `koanf:"Name" yaml:"Name,omitempty"` // Admin configured Account Name
	Tags          map[string]string   `koanf:"Tags" yaml:"Tags,omitempty" `
	Roles         map[string]*SSORole `koanf:"Roles" yaml:"Roles,omitempty"`
	DefaultRegion string              `koanf:"DefaultRegion" yaml:"DefaultRegion,omitempty"`
	// contains filtered or unexported fields
}

func (*SSOAccount) GetAllTags 

func (a *SSOAccount) GetAllTags(id int64) map[string]string

GetAllTags returns all of the user defined tags and calculated tags for this account

func (*SSOAccount) HasRole 

func (a *SSOAccount) HasRole(arn string) bool

HasRole returns true/false if the given Account has the provided arn

func (*SSOAccount) SetParentConfig 

func (a *SSOAccount) SetParentConfig(c *SSOConfig)

type SSOCache added in v1.6.1 

type SSOCache struct {
	LastUpdate int64    `json:"LastUpdate,omitempty"` // when these records for this SSO were updated
	ConfigHash string   `json:"ConfigHash,omitempty"` // SHA256 of ProfileName + SSOConfig.Accounts
	History    []string `json:"History,omitempty"`
	Roles      *Roles   `json:"Roles,omitempty"`
	// contains filtered or unexported fields
}

func (*SSOCache) NeedsRefresh added in v1.17.0 

func (c *SSOCache) NeedsRefresh(s *SSOConfig, settings *Settings) bool

Check to see if our cache needs to be refreshed

type SSOConfig 

type SSOConfig struct {
	SSORegion     string                 `koanf:"SSORegion" yaml:"SSORegion"`
	StartUrl      string                 `koanf:"StartUrl" yaml:"StartUrl"`
	Accounts      map[string]*SSOAccount `koanf:"Accounts" yaml:"Accounts,omitempty"` // key must be a string to avoid parse errors!
	DefaultRegion string                 `koanf:"DefaultRegion" yaml:"DefaultRegion,omitempty"`

	// overrides for this SSO Instance
	AuthUrlAction url.Action `koanf:"AuthUrlAction" yaml:"AuthUrlAction,omitempty"`

	// passed to AWSSSO from our Settings
	MaxBackoff int `koanf:"-" yaml:"-"`
	MaxRetry   int `koanf:"-" yaml:"-"`
	// contains filtered or unexported fields
}

func (*SSOConfig) CreatedAt 

func (c *SSOConfig) CreatedAt() int64

CreatedAt returns the Unix epoch seconds that this config file was created at

func (*SSOConfig) GetAllTags 

func (s *SSOConfig) GetAllTags() *tags.TagsList

returns all of the available account & role tags for our SSO Provider

func (*SSOConfig) GetConfigHash added in v1.17.0 

func (s *SSOConfig) GetConfigHash(profileFormat string) string

GetConfigHash generates a SHA256 to be used to see if there are any changes which require updating our cache

func (*SSOConfig) GetRole added in v1.6.0 

func (s *SSOConfig) GetRole(accountId int64, role string) (*SSORole, error)

GetRole returns the matching role if it exists

func (*SSOConfig) GetRoleMatches 

func (s *SSOConfig) GetRoleMatches(tags map[string]string) []*SSORole

GetRoleMatches finds all the roles which match all of the given tags

func (*SSOConfig) GetRoles 

func (s *SSOConfig) GetRoles() []*SSORole

GetRoles returns a list of all the roles for this SSOConfig

func (*SSOConfig) Refresh 

func (c *SSOConfig) Refresh(s *Settings)

Refresh should be called any time you load the SSOConfig into memory or add a role to update the Role -> Account references

type SSORole 

type SSORole struct {
	ARN            string            `yaml:"ARN"`
	Profile        string            `koanf:"Profile" yaml:"Profile,omitempty"`
	Tags           map[string]string `koanf:"Tags" yaml:"Tags,omitempty"`
	DefaultRegion  string            `koanf:"DefaultRegion" yaml:"DefaultRegion,omitempty"`
	Via            string            `koanf:"Via" yaml:"Via,omitempty"`
	ExternalId     string            `koanf:"ExternalId" yaml:"ExternalId,omitempty"`
	SourceIdentity string            `koanf:"SourceIdentity" yaml:"SourceIdentity,omitempty"`
	// contains filtered or unexported fields
}

func (*SSORole) GetAccountId 

func (r *SSORole) GetAccountId() string

GetAccountId returns the accountId portion of the ARN or empty string on error

func (*SSORole) GetAccountId64 

func (r *SSORole) GetAccountId64() int64

GetAccountId64 returns the accountId portion of the ARN

func (*SSORole) GetAllTags 

func (r *SSORole) GetAllTags() map[string]string

GetAllTags returns all of the user defined and calculated tags for this role

func (*SSORole) GetRoleName 

func (r *SSORole) GetRoleName() string

GetRoleName returns the role name portion of the ARN

func (*SSORole) SetParentAccount 

func (r *SSORole) SetParentAccount(a *SSOAccount)

type Settings 

type Settings struct {
	Cache                     *Cache                   `yaml:"-"` // our cache data
	SSO                       map[string]*SSOConfig    `koanf:"SSOConfig" yaml:"SSOConfig,omitempty"`
	DefaultSSO                string                   `koanf:"DefaultSSO" yaml:"DefaultSSO,omitempty"`   // specify default SSO by key
	SecureStore               string                   `koanf:"SecureStore" yaml:"SecureStore,omitempty"` // json or keyring
	DefaultRegion             string                   `koanf:"DefaultRegion" yaml:"DefaultRegion,omitempty"`
	ConsoleDuration           int32                    `koanf:"ConsoleDuration" yaml:"ConsoleDuration,omitempty"`
	JsonStore                 string                   `koanf:"JsonStore" yaml:"JsonStore,omitempty"`
	CacheRefresh              int64                    `koanf:"CacheRefresh" yaml:"CacheRefresh,omitempty"`
	Threads                   int                      `koanf:"Threads" yaml:"Threads,omitempty"`
	MaxBackoff                int                      `koanf:"MaxBackoff" yaml:"MaxBackoff,omitempty"`
	MaxRetry                  int                      `koanf:"MaxRetry" yaml:"MaxRetry,omitempty"`
	AutoConfigCheck           bool                     `koanf:"AutoConfigCheck" yaml:"AutoConfigCheck,omitempty"`
	FirefoxOpenUrlInContainer bool                     `koanf:"FirefoxOpenUrlInContainer" yaml:"FirefoxOpenUrlInContainer,omitempty"` // deprecated
	UrlAction                 url.Action               `koanf:"UrlAction" yaml:"UrlAction"`
	Browser                   string                   `koanf:"Browser" yaml:"Browser,omitempty"`
	ConfigUrlAction           string                   `koanf:"ConfigUrlAction" yaml:"ConfigUrlAction,omitempty"` // deprecated
	ConfigProfilesBinaryPath  string                   `koanf:"ConfigProfilesBinaryPath" yaml:"ConfigProfilesBinaryPath,omitempty"`
	ConfigProfilesUrlAction   url.ConfigProfilesAction `koanf:"ConfigProfilesUrlAction" yaml:"ConfigProfilesUrlAction,omitempty"`
	UrlExecCommand            []string                 `koanf:"UrlExecCommand" yaml:"UrlExecCommand,omitempty"` // string or list
	LogLevel                  string                   `koanf:"LogLevel" yaml:"LogLevel,omitempty"`
	LogLines                  bool                     `koanf:"LogLines" yaml:"LogLines,omitempty"`
	HistoryLimit              int64                    `koanf:"HistoryLimit" yaml:"HistoryLimit,omitempty"`
	HistoryMinutes            int64                    `koanf:"HistoryMinutes" yaml:"HistoryMinutes,omitempty"`
	ProfileFormat             string                   `koanf:"ProfileFormat" yaml:"ProfileFormat,omitempty"`
	AccountPrimaryTag         []string                 `koanf:"AccountPrimaryTag" yaml:"AccountPrimaryTag,omitempty"`
	FirstTag                  string                   `koanf:"FirstTag" yaml:"FirstTag,omitempty"`
	PromptColors              PromptColors             `koanf:"PromptColors" yaml:"PromptColors,omitempty"` // go-prompt colors
	ListFields                []string                 `koanf:"ListFields" yaml:"ListFields,omitempty"`
	ConfigVariables           map[string]interface{}   `koanf:"ConfigVariables" yaml:"ConfigVariables,omitempty"`
	EnvVarTags                []string                 `koanf:"EnvVarTags" yaml:"EnvVarTags,omitempty"`
	FullTextSearch            bool                     `koanf:"FullTextSearch" yaml:"FullTextSearch"`
	// contains filtered or unexported fields
}

func LoadSettings 

func LoadSettings(configFile, cacheFile string, defaults map[string]interface{}, override OverrideSettings) (*Settings, error)

Loads our settings from config, cache and CLI args

func (*Settings) ConfigFile 

func (s *Settings) ConfigFile() string

func (*Settings) CreatedAt 

func (s *Settings) CreatedAt() int64

func (*Settings) DefaultOptions 

func (s *Settings) DefaultOptions(exit prompt.ExitChecker) []prompt.Option

Our default and common prompt.Options for all CLI interface

func (*Settings) GetAllProfiles added in v1.8.0 

func (s *Settings) GetAllProfiles(open url.Action) (*ProfileMap, error)

GetAllProfiles returns a map of the ProfileConfig for each SSOConfig. takes the binary path to `open` URL with if set

func (*Settings) GetColorOptions 

func (s *Settings) GetColorOptions() []prompt.Option

GetPromptOptions returns a list of promp.Options for prompt.New()

func (*Settings) GetDefaultRegion 

func (s *Settings) GetDefaultRegion(id int64, roleName string, noRegion bool) string

GetDefaultRegion scans the config settings file to pick the most local DefaultRegion from the tree for the given role

func (*Settings) GetEnvVarTags added in v1.7.1 

func (s *Settings) GetEnvVarTags() map[string]string

Returns the Tag name => Environment variable name

func (*Settings) GetSelectedSSO 

func (s *Settings) GetSelectedSSO(name string) (*SSOConfig, error)

GetSelectedSSO returns a valid SSOConfig based on user intput, configured value or our hardcoded 'Default' if it exists and name is empty String

func (*Settings) GetSelectedSSOName added in v1.7.1 

func (s *Settings) GetSelectedSSOName(name string) (string, error)

GetSelectedSSOName returns the name of the selected SSO name where the input is the option passed in via the CLI (should be an empty string) if user did not specify a value on the CLI

func (*Settings) Save added in v1.4.0 

func (s *Settings) Save(configFile string, overwrite bool) error

Save overwrites the current config file with our settings (not recommended)

func (*Settings) Validate added in v1.9.2 

func (s *Settings) Validate() error

type SsoAPI added in v1.8.1 

type SsoAPI interface {
	ListAccountRoles(context.Context, *sso.ListAccountRolesInput, ...func(*sso.Options)) (*sso.ListAccountRolesOutput, error)
	ListAccounts(context.Context, *sso.ListAccountsInput, ...func(*sso.Options)) (*sso.ListAccountsOutput, error)
	GetRoleCredentials(context.Context, *sso.GetRoleCredentialsInput, ...func(*sso.Options)) (*sso.GetRoleCredentialsOutput, error)
	Logout(context.Context, *sso.LogoutInput, ...func(*sso.Options)) (*sso.LogoutOutput, error)
}

type SsoOidcAPI added in v1.8.1 

type SsoOidcAPI interface {
	RegisterClient(context.Context, *ssooidc.RegisterClientInput, ...func(*ssooidc.Options)) (*ssooidc.RegisterClientOutput, error)
	StartDeviceAuthorization(context.Context, *ssooidc.StartDeviceAuthorizationInput, ...func(*ssooidc.Options)) (*ssooidc.StartDeviceAuthorizationOutput, error)
	CreateToken(context.Context, *ssooidc.CreateTokenInput, ...func(*ssooidc.Options)) (*ssooidc.CreateTokenOutput, error)
}

Necessary for mocking

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.