Refactor for clarity

mtibben · mtibben · commit cf78af3fa368 · 2023-03-04T11:16:31.000+11:00
diff --git a/cli/exec.go b/cli/exec.go
@@ -29,7 +29,7 @@ type ExecCommandInput struct {
 	StartEcsServer   bool
 	Lazy             bool
 	JSONDeprecated   bool
-	Config           vault.Config
+	Config           vault.ProfileConfig
 	SessionDuration  time.Duration
 	NoSession        bool
 	UseStdout        bool
@@ -167,7 +167,7 @@ func ExecCommand(input ExecCommandInput, f *vault.ConfigFile, keyring keyring.Ke
 		return 0, err
 	}
 
-	config, err := vault.NewConfigLoader(input.Config, f, input.ProfileName).LoadFromProfile(input.ProfileName)
+	config, err := vault.NewConfigLoader(input.Config, f, input.ProfileName).GetProfileConfig(input.ProfileName)
 	if err != nil {
 		return 0, fmt.Errorf("Error loading config: %w", err)
 	}
@@ -260,7 +260,7 @@ func createEnv(profileName string, region string) environ {
 	return env
 }
 
-func startEcsServerAndSetEnv(credsProvider aws.CredentialsProvider, config *vault.Config, lazy bool, cmdEnv *environ) error {
+func startEcsServerAndSetEnv(credsProvider aws.CredentialsProvider, config *vault.ProfileConfig, lazy bool, cmdEnv *environ) error {
 	ecsServer, err := server.NewEcsServer(context.TODO(), credsProvider, config, "", 0, lazy)
 	if err != nil {
 		return err
diff --git a/cli/export.go b/cli/export.go
@@ -19,7 +19,7 @@ import (
 type ExportCommandInput struct {
 	ProfileName     string
 	Format          string
-	Config          vault.Config
+	Config          vault.ProfileConfig
 	SessionDuration time.Duration
 	NoSession       bool
 	UseStdout       bool
@@ -90,7 +90,7 @@ func ExportCommand(input ExportCommandInput, f *vault.ConfigFile, keyring keyrin
 		return fmt.Errorf("in an existing aws-vault subshell; 'exit' from the subshell or unset AWS_VAULT to force")
 	}
 
-	config, err := vault.NewConfigLoader(input.Config, f, input.ProfileName).LoadFromProfile(input.ProfileName)
+	config, err := vault.NewConfigLoader(input.Config, f, input.ProfileName).GetProfileConfig(input.ProfileName)
 	if err != nil {
 		return fmt.Errorf("Error loading config: %w", err)
 	}
diff --git a/cli/login.go b/cli/login.go
@@ -24,7 +24,7 @@ type LoginCommandInput struct {
 	ProfileName     string
 	UseStdout       bool
 	Path            string
-	Config          vault.Config
+	Config          vault.ProfileConfig
 	SessionDuration time.Duration
 	NoSession       bool
 }
@@ -81,7 +81,7 @@ func ConfigureLoginCommand(app *kingpin.Application, a *AwsVault) {
 }
 
 func LoginCommand(input LoginCommandInput, f *vault.ConfigFile, keyring keyring.Keyring) error {
-	config, err := vault.NewConfigLoader(input.Config, f, input.ProfileName).LoadFromProfile(input.ProfileName)
+	config, err := vault.NewConfigLoader(input.Config, f, input.ProfileName).GetProfileConfig(input.ProfileName)
 	if err != nil {
 		return fmt.Errorf("Error loading config: %w", err)
 	}
diff --git a/cli/rotate.go b/cli/rotate.go
@@ -16,7 +16,7 @@ import (
 type RotateCommandInput struct {
 	NoSession   bool
 	ProfileName string
-	Config      vault.Config
+	Config      vault.ProfileConfig
 }
 
 func ConfigureRotateCommand(app *kingpin.Application, a *AwsVault) {
@@ -55,7 +55,7 @@ func RotateCommand(input RotateCommandInput, f *vault.ConfigFile, keyring keyrin
 	vault.UseSessionCache = false
 
 	configLoader := vault.NewConfigLoader(input.Config, f, input.ProfileName)
-	config, err := configLoader.LoadFromProfile(input.ProfileName)
+	config, err := configLoader.GetProfileConfig(input.ProfileName)
 	if err != nil {
 		return fmt.Errorf("Error loading config: %w", err)
 	}
@@ -170,7 +170,7 @@ func retry(maxTime time.Duration, sleep time.Duration, f func() error) (err erro
 	}
 }
 
-func getUsernameIfAssumingRole(ctx context.Context, awsCfg aws.Config, config *vault.Config) (*string, error) {
+func getUsernameIfAssumingRole(ctx context.Context, awsCfg aws.Config, config *vault.ProfileConfig) (*string, error) {
 	if config.RoleARN != "" {
 		n, err := vault.GetUsernameFromSession(ctx, awsCfg)
 		if err != nil {
@@ -185,7 +185,7 @@ func getUsernameIfAssumingRole(ctx context.Context, awsCfg aws.Config, config *v
 func getProfilesInChain(profileName string, configLoader *vault.ConfigLoader) (profileNames []string, err error) {
 	profileNames = append(profileNames, profileName)
 
-	config, err := configLoader.LoadFromProfile(profileName)
+	config, err := configLoader.GetProfileConfig(profileName)
 	if err != nil {
 		return profileNames, err
 	}
diff --git a/server/ecsserver.go b/server/ecsserver.go
@@ -63,10 +63,10 @@ type EcsServer struct {
 	server            http.Server
 	cache             sync.Map
 	baseCredsProvider aws.CredentialsProvider
-	config            *vault.Config
+	config            *vault.ProfileConfig
 }
 
-func NewEcsServer(ctx context.Context, baseCredsProvider aws.CredentialsProvider, config *vault.Config, authToken string, port int, lazyLoadBaseCreds bool) (*EcsServer, error) {
+func NewEcsServer(ctx context.Context, baseCredsProvider aws.CredentialsProvider, config *vault.ProfileConfig, authToken string, port int, lazyLoadBaseCreds bool) (*EcsServer, error) {
 	listener, err := net.Listen("tcp", fmt.Sprintf("127.0.0.1:%d", port))
 	if err != nil {
 		return nil, err
diff --git a/vault/config.go b/vault/config.go
@@ -269,13 +269,14 @@ func (c *ConfigFile) ProfileNames() []string {
 
 // ConfigLoader loads config from configfile and environment variables
 type ConfigLoader struct {
-	BaseConfig      Config
-	File            *ConfigFile
-	ActiveProfile   string
+	BaseConfig    ProfileConfig
+	File          *ConfigFile
+	ActiveProfile string
+
 	visitedProfiles []string
 }
 
-func NewConfigLoader(baseConfig Config, file *ConfigFile, activeProfile string) *ConfigLoader {
+func NewConfigLoader(baseConfig ProfileConfig, file *ConfigFile, activeProfile string) *ConfigLoader {
 	return &ConfigLoader{
 		BaseConfig:    baseConfig,
 		File:          file,
@@ -297,7 +298,7 @@ func (cl *ConfigLoader) resetLoopDetection() {
 	cl.visitedProfiles = []string{}
 }
 
-func (cl *ConfigLoader) populateFromDefaults(config *Config) {
+func (cl *ConfigLoader) populateFromDefaults(config *ProfileConfig) {
 	if config.AssumeRoleDuration == 0 {
 		config.AssumeRoleDuration = DefaultSessionDuration
 	}
@@ -312,7 +313,7 @@ func (cl *ConfigLoader) populateFromDefaults(config *Config) {
 	}
 }
 
-func (cl *ConfigLoader) populateFromConfigFile(config *Config, profileName string) error {
+func (cl *ConfigLoader) populateFromConfigFile(config *ProfileConfig, profileName string) error {
 	if !cl.visitProfile(profileName) {
 		return fmt.Errorf("Loop detected in config file for profile '%s'", profileName)
 	}
@@ -419,7 +420,7 @@ func (cl *ConfigLoader) populateFromConfigFile(config *Config, profileName strin
 	return nil
 }
 
-func (cl *ConfigLoader) populateFromEnv(profile *Config) {
+func (cl *ConfigLoader) populateFromEnv(profile *ProfileConfig) {
 	if region := os.Getenv("AWS_REGION"); region != "" && profile.Region == "" {
 		log.Printf("Using region %q from AWS_REGION", region)
 		profile.Region = region
@@ -501,9 +502,9 @@ func (cl *ConfigLoader) populateFromEnv(profile *Config) {
 	}
 }
 
-func (cl *ConfigLoader) hydrateSourceConfig(config *Config) error {
+func (cl *ConfigLoader) hydrateSourceConfig(config *ProfileConfig) error {
 	if config.SourceProfileName != "" {
-		sc, err := cl.LoadFromProfile(config.SourceProfileName)
+		sc, err := cl.GetProfileConfig(config.SourceProfileName)
 		if err != nil {
 			return err
 		}
@@ -513,8 +514,8 @@ func (cl *ConfigLoader) hydrateSourceConfig(config *Config) error {
 	return nil
 }
 
-// LoadFromProfile loads the profile from the config file and environment variables into config
-func (cl *ConfigLoader) LoadFromProfile(profileName string) (*Config, error) {
+// GetProfileConfig loads the profile from the config file and environment variables into config
+func (cl *ConfigLoader) GetProfileConfig(profileName string) (*ProfileConfig, error) {
 	config := cl.BaseConfig
 	config.ProfileName = profileName
 	cl.populateFromEnv(&config)
@@ -535,19 +536,19 @@ func (cl *ConfigLoader) LoadFromProfile(profileName string) (*Config, error) {
 	return &config, nil
 }
 
-// Config is a collection of configuration options for creating temporary credentials
-type Config struct {
+// ProfileConfig is a collection of configuration options for creating temporary credentials
+type ProfileConfig struct {
 	// ProfileName specifies the name of the profile config
 	ProfileName string
 
 	// SourceProfile is the profile where credentials come from
 	SourceProfileName string
 
 	// SourceProfile is the profile where credentials come from
-	SourceProfile *Config
+	SourceProfile *ProfileConfig
 
-	// ChainedFromProfile is the profile that used this profile as it's source profile
-	ChainedFromProfile *Config
+	// ChainedFromProfile is the profile that used this profile as its source profile
+	ChainedFromProfile *ProfileConfig
 
 	// Region is the AWS region
 	Region string
@@ -619,7 +620,7 @@ type Config struct {
 }
 
 // SetSessionTags parses a comma separated key=vaue string and sets Config.SessionTags map
-func (c *Config) SetSessionTags(s string) error {
+func (c *ProfileConfig) SetSessionTags(s string) error {
 	c.SessionTags = make(map[string]string)
 	for _, tag := range strings.Split(s, ",") {
 		kvPair := strings.SplitN(tag, "=", 2)
@@ -633,54 +634,54 @@ func (c *Config) SetSessionTags(s string) error {
 }
 
 // SetTransitiveSessionTags parses a comma separated string and sets Config.TransitiveSessionTags
-func (c *Config) SetTransitiveSessionTags(s string) {
+func (c *ProfileConfig) SetTransitiveSessionTags(s string) {
 	for _, tag := range strings.Split(s, ",") {
 		if tag = strings.TrimSpace(tag); tag != "" {
 			c.TransitiveSessionTags = append(c.TransitiveSessionTags, tag)
 		}
 	}
 }
 
-func (c *Config) IsChained() bool {
+func (c *ProfileConfig) IsChained() bool {
 	return c.ChainedFromProfile != nil
 }
 
-func (c *Config) HasSourceProfile() bool {
+func (c *ProfileConfig) HasSourceProfile() bool {
 	return c.SourceProfile != nil
 }
 
-func (c *Config) HasMfaSerial() bool {
+func (c *ProfileConfig) HasMfaSerial() bool {
 	return c.MfaSerial != ""
 }
 
-func (c *Config) HasRole() bool {
+func (c *ProfileConfig) HasRole() bool {
 	return c.RoleARN != ""
 }
 
-func (c *Config) HasSSOSession() bool {
+func (c *ProfileConfig) HasSSOSession() bool {
 	return c.SSOSession != ""
 }
 
-func (c *Config) HasSSOStartURL() bool {
+func (c *ProfileConfig) HasSSOStartURL() bool {
 	return c.SSOStartURL != ""
 }
 
-func (c *Config) HasWebIdentity() bool {
+func (c *ProfileConfig) HasWebIdentity() bool {
 	return c.WebIdentityTokenFile != "" || c.WebIdentityTokenProcess != ""
 }
 
-func (c *Config) HasCredentialProcess() bool {
+func (c *ProfileConfig) HasCredentialProcess() bool {
 	return c.CredentialProcess != ""
 }
 
-func (c *Config) GetSessionTokenDuration() time.Duration {
+func (c *ProfileConfig) GetSessionTokenDuration() time.Duration {
 	if c.IsChained() {
 		return c.ChainedGetSessionTokenDuration
 	}
 	return c.NonChainedGetSessionTokenDuration
 }
 
-func (c *Config) Validate() error {
+func (c *ProfileConfig) Validate() error {
 	if c.HasSSOSession() && !c.HasSSOStartURL() {
 		return fmt.Errorf("profile '%s' has sso_session but no sso_start_url", c.ProfileName)
 	}
@@ -700,7 +701,6 @@ func (c *Config) Validate() error {
 	} else if c.HasRole() {
 		n++
 	}
-
 	if n > 1 {
 		return fmt.Errorf("profile '%s' has more than one source of credentials", c.ProfileName)
 	}
diff --git a/vault/config_test.go b/vault/config_test.go
@@ -254,7 +254,7 @@ func TestIncludeProfile(t *testing.T) {
 	}
 
 	configLoader := &vault.ConfigLoader{File: configFile}
-	config, err := configLoader.LoadFromProfile("testincludeprofile2")
+	config, err := configLoader.GetProfileConfig("testincludeprofile2")
 	if err != nil {
 		t.Fatalf("Should have found a profile: %v", err)
 	}
@@ -274,7 +274,7 @@ func TestIncludeSsoSession(t *testing.T) {
 	}
 
 	configLoader := &vault.ConfigLoader{File: configFile}
-	config, err := configLoader.LoadFromProfile("with-sso-session")
+	config, err := configLoader.GetProfileConfig("with-sso-session")
 	if err != nil {
 		t.Fatalf("Should have found a profile: %v", err)
 	}
@@ -369,7 +369,7 @@ source_profile=foo
 	}
 
 	configLoader := &vault.ConfigLoader{File: configFile}
-	config, err := configLoader.LoadFromProfile("foo")
+	config, err := configLoader.GetProfileConfig("foo")
 	if err != nil {
 		t.Fatalf("Should have found a profile: %v", err)
 	}
@@ -406,7 +406,7 @@ source_profile=root
 	}
 
 	configLoader := &vault.ConfigLoader{File: configFile}
-	config, err := configLoader.LoadFromProfile("foo")
+	config, err := configLoader.GetProfileConfig("foo")
 	if err != nil {
 		t.Fatalf("Should have found a profile: %v", err)
 	}
@@ -441,7 +441,7 @@ func TestSetSessionTags(t *testing.T) {
 	}
 
 	for _, tc := range testCases {
-		config := vault.Config{}
+		config := vault.ProfileConfig{}
 		err := config.SetSessionTags(tc.stringValue)
 		if tc.ok {
 			if err != nil {
@@ -473,7 +473,7 @@ func TestSetTransitiveSessionTags(t *testing.T) {
 	}
 
 	for _, tc := range testCases {
-		config := vault.Config{}
+		config := vault.ProfileConfig{}
 		config.SetTransitiveSessionTags(tc.stringValue)
 		if !reflect.DeepEqual(tc.expected, config.TransitiveSessionTags) {
 			t.Fatalf("Expected TransitiveSessionTags: %+v, got %+v", tc.expected, config.TransitiveSessionTags)
@@ -496,7 +496,7 @@ transitive_session_tags = tagOne ,tagTwo,tagThree
 		t.Fatal(err)
 	}
 	configLoader := &vault.ConfigLoader{File: configFile, ActiveProfile: "tagged"}
-	config, err := configLoader.LoadFromProfile("tagged")
+	config, err := configLoader.GetProfileConfig("tagged")
 	if err != nil {
 		t.Fatalf("Should have found a profile: %v", err)
 	}
@@ -533,7 +533,7 @@ transitive_session_tags = tagOne ,tagTwo,tagThree
 		t.Fatal(err)
 	}
 	configLoader := &vault.ConfigLoader{File: configFile, ActiveProfile: "tagged"}
-	config, err := configLoader.LoadFromProfile("tagged")
+	config, err := configLoader.GetProfileConfig("tagged")
 	if err != nil {
 		t.Fatalf("Should have found a profile: %v", err)
 	}
@@ -578,7 +578,7 @@ source_profile = interim
 		t.Fatal(err)
 	}
 	configLoader := &vault.ConfigLoader{File: configFile, ActiveProfile: "target"}
-	config, err := configLoader.LoadFromProfile("target")
+	config, err := configLoader.GetProfileConfig("target")
 	if err != nil {
 		t.Fatalf("Should have found a profile: %v", err)
 	}
@@ -640,13 +640,13 @@ credential_process = true
 	configFile, _ := vault.LoadConfig(f)
 	configLoader := &vault.ConfigLoader{File: configFile}
 
-	config, _ := configLoader.LoadFromProfile("foo:staging")
+	config, _ := configLoader.GetProfileConfig("foo:staging")
 	err := config.Validate()
 	if err != nil {
 		t.Fatalf("Should have validated: %v", err)
 	}
 
-	config, _ = configLoader.LoadFromProfile("foo:production")
+	config, _ = configLoader.GetProfileConfig("foo:production")
 	err = config.Validate()
 	if err == nil {
 		t.Fatalf("Should have failed validation: %v", err)
diff --git a/vault/mfa.go b/vault/mfa.go
@@ -33,7 +33,7 @@ func (m *Mfa) GetMfaSerial() string {
 	return m.mfaSerial
 }
 
-func NewMfa(config *Config) *Mfa {
+func NewMfa(config *ProfileConfig) *Mfa {
 	m := Mfa{
 		mfaSerial: config.MfaSerial,
 	}
diff --git a/vault/vault.go b/vault/vault.go

Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ type LoginCommandInput struct {`
`24`	`24`	`ProfileName string`
`25`	`25`	`UseStdout bool`
`26`	`26`	`Path string`
`27`		`- Config vault.Config`
	`27`	`+ Config vault.ProfileConfig`
`28`	`28`	`SessionDuration time.Duration`
`29`	`29`	`NoSession bool`
`30`	`30`	`}`
`@@ -81,7 +81,7 @@ func ConfigureLoginCommand(app kingpin.Application, a AwsVault) {`
`81`	`81`	`}`
`82`	`82`
`83`	`83`	`func LoginCommand(input LoginCommandInput, f *vault.ConfigFile, keyring keyring.Keyring) error {`
`84`		`- config, err := vault.NewConfigLoader(input.Config, f, input.ProfileName).LoadFromProfile(input.ProfileName)`
	`84`	`+ config, err := vault.NewConfigLoader(input.Config, f, input.ProfileName).GetProfileConfig(input.ProfileName)`
`85`	`85`	`if err != nil {`
`86`	`86`	`return fmt.Errorf("Error loading config: %w", err)`
`87`	`87`	`}`
Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@ import (`
`16`	`16`	`type RotateCommandInput struct {`
`17`	`17`	`NoSession bool`
`18`	`18`	`ProfileName string`
`19`		`- Config vault.Config`
	`19`	`+ Config vault.ProfileConfig`
`20`	`20`	`}`
`21`	`21`
`22`	`22`	`func ConfigureRotateCommand(app kingpin.Application, a AwsVault) {`
`@@ -55,7 +55,7 @@ func RotateCommand(input RotateCommandInput, f *vault.ConfigFile, keyring keyrin`
`55`	`55`	`vault.UseSessionCache = false`
`56`	`56`
`57`	`57`	`configLoader := vault.NewConfigLoader(input.Config, f, input.ProfileName)`
`58`		`- config, err := configLoader.LoadFromProfile(input.ProfileName)`
	`58`	`+ config, err := configLoader.GetProfileConfig(input.ProfileName)`
`59`	`59`	`if err != nil {`
`60`	`60`	`return fmt.Errorf("Error loading config: %w", err)`
`61`	`61`	`}`
`@@ -170,7 +170,7 @@ func retry(maxTime time.Duration, sleep time.Duration, f func() error) (err erro`
`170`	`170`	`}`
`171`	`171`	`}`
`172`	`172`
`173`		`-func getUsernameIfAssumingRole(ctx context.Context, awsCfg aws.Config, config vault.Config) (string, error) {`
	`173`	`+func getUsernameIfAssumingRole(ctx context.Context, awsCfg aws.Config, config vault.ProfileConfig) (string, error) {`
`174`	`174`	`if config.RoleARN != "" {`
`175`	`175`	`n, err := vault.GetUsernameFromSession(ctx, awsCfg)`
`176`	`176`	`if err != nil {`
`@@ -185,7 +185,7 @@ func getUsernameIfAssumingRole(ctx context.Context, awsCfg aws.Config, config *v`
`185`	`185`	`func getProfilesInChain(profileName string, configLoader *vault.ConfigLoader) (profileNames []string, err error) {`
`186`	`186`	`profileNames = append(profileNames, profileName)`
`187`	`187`
`188`		`- config, err := configLoader.LoadFromProfile(profileName)`
	`188`	`+ config, err := configLoader.GetProfileConfig(profileName)`
`189`	`189`	`if err != nil {`
`190`	`190`	`return profileNames, err`
`191`	`191`	`}`
Original file line number	Diff line number	Diff line change
`@@ -269,13 +269,14 @@ func (c *ConfigFile) ProfileNames() []string {`
`269`	`269`
`270`	`270`	`// ConfigLoader loads config from configfile and environment variables`
`271`	`271`	`type ConfigLoader struct {`
`272`		`- BaseConfig Config`
`273`		`- File *ConfigFile`
`274`		`- ActiveProfile string`
	`272`	`+ BaseConfig ProfileConfig`
	`273`	`+ File *ConfigFile`
	`274`	`+ ActiveProfile string`
	`275`	`+`
`275`	`276`	`visitedProfiles []string`
`276`	`277`	`}`
`277`	`278`
`278`		`-func NewConfigLoader(baseConfig Config, file ConfigFile, activeProfile string) ConfigLoader {`
	`279`	`+func NewConfigLoader(baseConfig ProfileConfig, file ConfigFile, activeProfile string) ConfigLoader {`
`279`	`280`	`return &ConfigLoader{`
`280`	`281`	`BaseConfig: baseConfig,`
`281`	`282`	`File: file,`
`@@ -297,7 +298,7 @@ func (cl *ConfigLoader) resetLoopDetection() {`
`297`	`298`	`cl.visitedProfiles = []string{}`
`298`	`299`	`}`
`299`	`300`
`300`		`-func (cl ConfigLoader) populateFromDefaults(config Config) {`
	`301`	`+func (cl ConfigLoader) populateFromDefaults(config ProfileConfig) {`
`301`	`302`	`if config.AssumeRoleDuration == 0 {`
`302`	`303`	`config.AssumeRoleDuration = DefaultSessionDuration`
`303`	`304`	`}`
`@@ -312,7 +313,7 @@ func (cl ConfigLoader) populateFromDefaults(config Config) {`
`312`	`313`	`}`
`313`	`314`	`}`
`314`	`315`
`315`		`-func (cl ConfigLoader) populateFromConfigFile(config Config, profileName string) error {`
	`316`	`+func (cl ConfigLoader) populateFromConfigFile(config ProfileConfig, profileName string) error {`
`316`	`317`	`if !cl.visitProfile(profileName) {`
`317`	`318`	`return fmt.Errorf("Loop detected in config file for profile '%s'", profileName)`
`318`	`319`	`}`
`@@ -419,7 +420,7 @@ func (cl ConfigLoader) populateFromConfigFile(config Config, profileName strin`
`419`	`420`	`return nil`
`420`	`421`	`}`
`421`	`422`
`422`		`-func (cl ConfigLoader) populateFromEnv(profile Config) {`
	`423`	`+func (cl ConfigLoader) populateFromEnv(profile ProfileConfig) {`
`423`	`424`	`if region := os.Getenv("AWS_REGION"); region != "" && profile.Region == "" {`
`424`	`425`	`log.Printf("Using region %q from AWS_REGION", region)`
`425`	`426`	`profile.Region = region`
`@@ -501,9 +502,9 @@ func (cl ConfigLoader) populateFromEnv(profile Config) {`
`501`	`502`	`}`
`502`	`503`	`}`
`503`	`504`
`504`		`-func (cl ConfigLoader) hydrateSourceConfig(config Config) error {`
	`505`	`+func (cl ConfigLoader) hydrateSourceConfig(config ProfileConfig) error {`
`505`	`506`	`if config.SourceProfileName != "" {`
`506`		`- sc, err := cl.LoadFromProfile(config.SourceProfileName)`
	`507`	`+ sc, err := cl.GetProfileConfig(config.SourceProfileName)`
`507`	`508`	`if err != nil {`
`508`	`509`	`return err`
`509`	`510`	`}`
`@@ -513,8 +514,8 @@ func (cl ConfigLoader) hydrateSourceConfig(config Config) error {`
`513`	`514`	`return nil`
`514`	`515`	`}`
`515`	`516`
`516`		`-// LoadFromProfile loads the profile from the config file and environment variables into config`
`517`		`-func (cl ConfigLoader) LoadFromProfile(profileName string) (Config, error) {`
	`517`	`+// GetProfileConfig loads the profile from the config file and environment variables into config`
	`518`	`+func (cl ConfigLoader) GetProfileConfig(profileName string) (ProfileConfig, error) {`
`518`	`519`	`config := cl.BaseConfig`
`519`	`520`	`config.ProfileName = profileName`
`520`	`521`	`cl.populateFromEnv(&config)`
`@@ -535,19 +536,19 @@ func (cl ConfigLoader) LoadFromProfile(profileName string) (Config, error) {`
`535`	`536`	`return &config, nil`
`536`	`537`	`}`
`537`	`538`
`538`		`-// Config is a collection of configuration options for creating temporary credentials`
`539`		`-type Config struct {`
	`539`	`+// ProfileConfig is a collection of configuration options for creating temporary credentials`
	`540`	`+type ProfileConfig struct {`
`540`	`541`	`// ProfileName specifies the name of the profile config`
`541`	`542`	`ProfileName string`
`542`	`543`
`543`	`544`	`// SourceProfile is the profile where credentials come from`
`544`	`545`	`SourceProfileName string`
`545`	`546`
`546`	`547`	`// SourceProfile is the profile where credentials come from`
`547`		`- SourceProfile *Config`
	`548`	`+ SourceProfile *ProfileConfig`
`548`	`549`
`549`		`- // ChainedFromProfile is the profile that used this profile as it's source profile`
`550`		`- ChainedFromProfile *Config`
	`550`	`+ // ChainedFromProfile is the profile that used this profile as its source profile`
	`551`	`+ ChainedFromProfile *ProfileConfig`
`551`	`552`
`552`	`553`	`// Region is the AWS region`
`553`	`554`	`Region string`
`@@ -619,7 +620,7 @@ type Config struct {`
`619`	`620`	`}`
`620`	`621`
`621`	`622`	`// SetSessionTags parses a comma separated key=vaue string and sets Config.SessionTags map`
`622`		`-func (c *Config) SetSessionTags(s string) error {`
	`623`	`+func (c *ProfileConfig) SetSessionTags(s string) error {`
`623`	`624`	`c.SessionTags = make(map[string]string)`
`624`	`625`	`for _, tag := range strings.Split(s, ",") {`
`625`	`626`	`kvPair := strings.SplitN(tag, "=", 2)`
`@@ -633,54 +634,54 @@ func (c *Config) SetSessionTags(s string) error {`
`633`	`634`	`}`
`634`	`635`
`635`	`636`	`// SetTransitiveSessionTags parses a comma separated string and sets Config.TransitiveSessionTags`
`636`		`-func (c *Config) SetTransitiveSessionTags(s string) {`
	`637`	`+func (c *ProfileConfig) SetTransitiveSessionTags(s string) {`
`637`	`638`	`for _, tag := range strings.Split(s, ",") {`
`638`	`639`	`if tag = strings.TrimSpace(tag); tag != "" {`
`639`	`640`	`c.TransitiveSessionTags = append(c.TransitiveSessionTags, tag)`
`640`	`641`	`}`
`641`	`642`	`}`
`642`	`643`	`}`
`643`	`644`
`644`		`-func (c *Config) IsChained() bool {`
	`645`	`+func (c *ProfileConfig) IsChained() bool {`
`645`	`646`	`return c.ChainedFromProfile != nil`
`646`	`647`	`}`
`647`	`648`
`648`		`-func (c *Config) HasSourceProfile() bool {`
	`649`	`+func (c *ProfileConfig) HasSourceProfile() bool {`
`649`	`650`	`return c.SourceProfile != nil`
`650`	`651`	`}`
`651`	`652`
`652`		`-func (c *Config) HasMfaSerial() bool {`
	`653`	`+func (c *ProfileConfig) HasMfaSerial() bool {`
`653`	`654`	`return c.MfaSerial != ""`
`654`	`655`	`}`
`655`	`656`
`656`		`-func (c *Config) HasRole() bool {`
	`657`	`+func (c *ProfileConfig) HasRole() bool {`
`657`	`658`	`return c.RoleARN != ""`
`658`	`659`	`}`
`659`	`660`
`660`		`-func (c *Config) HasSSOSession() bool {`
	`661`	`+func (c *ProfileConfig) HasSSOSession() bool {`
`661`	`662`	`return c.SSOSession != ""`
`662`	`663`	`}`
`663`	`664`
`664`		`-func (c *Config) HasSSOStartURL() bool {`
	`665`	`+func (c *ProfileConfig) HasSSOStartURL() bool {`
`665`	`666`	`return c.SSOStartURL != ""`
`666`	`667`	`}`
`667`	`668`
`668`		`-func (c *Config) HasWebIdentity() bool {`
	`669`	`+func (c *ProfileConfig) HasWebIdentity() bool {`
`669`	`670`	`return c.WebIdentityTokenFile != "" \|\| c.WebIdentityTokenProcess != ""`
`670`	`671`	`}`
`671`	`672`
`672`		`-func (c *Config) HasCredentialProcess() bool {`
	`673`	`+func (c *ProfileConfig) HasCredentialProcess() bool {`
`673`	`674`	`return c.CredentialProcess != ""`
`674`	`675`	`}`
`675`	`676`
`676`		`-func (c *Config) GetSessionTokenDuration() time.Duration {`
	`677`	`+func (c *ProfileConfig) GetSessionTokenDuration() time.Duration {`
`677`	`678`	`if c.IsChained() {`
`678`	`679`	`return c.ChainedGetSessionTokenDuration`
`679`	`680`	`}`
`680`	`681`	`return c.NonChainedGetSessionTokenDuration`
`681`	`682`	`}`
`682`	`683`
`683`		`-func (c *Config) Validate() error {`
	`684`	`+func (c *ProfileConfig) Validate() error {`
`684`	`685`	`if c.HasSSOSession() && !c.HasSSOStartURL() {`
`685`	`686`	`return fmt.Errorf("profile '%s' has sso_session but no sso_start_url", c.ProfileName)`
`686`	`687`	`}`
`@@ -700,7 +701,6 @@ func (c *Config) Validate() error {`
`700`	`701`	`} else if c.HasRole() {`
`701`	`702`	`n++`
`702`	`703`	`}`
`703`		`-`
`704`	`704`	`if n > 1 {`
`705`	`705`	`return fmt.Errorf("profile '%s' has more than one source of credentials", c.ProfileName)`
`706`	`706`	`}`
Original file line number	Diff line number	Diff line change
`@@ -254,7 +254,7 @@ func TestIncludeProfile(t *testing.T) {`
`254`	`254`	`}`
`255`	`255`
`256`	`256`	`configLoader := &vault.ConfigLoader{File: configFile}`
`257`		`- config, err := configLoader.LoadFromProfile("testincludeprofile2")`
	`257`	`+ config, err := configLoader.GetProfileConfig("testincludeprofile2")`
`258`	`258`	`if err != nil {`
`259`	`259`	`t.Fatalf("Should have found a profile: %v", err)`
`260`	`260`	`}`
`@@ -274,7 +274,7 @@ func TestIncludeSsoSession(t *testing.T) {`
`274`	`274`	`}`
`275`	`275`
`276`	`276`	`configLoader := &vault.ConfigLoader{File: configFile}`
`277`		`- config, err := configLoader.LoadFromProfile("with-sso-session")`
	`277`	`+ config, err := configLoader.GetProfileConfig("with-sso-session")`
`278`	`278`	`if err != nil {`
`279`	`279`	`t.Fatalf("Should have found a profile: %v", err)`
`280`	`280`	`}`
`@@ -369,7 +369,7 @@ source_profile=foo`
`369`	`369`	`}`
`370`	`370`
`371`	`371`	`configLoader := &vault.ConfigLoader{File: configFile}`
`372`		`- config, err := configLoader.LoadFromProfile("foo")`
	`372`	`+ config, err := configLoader.GetProfileConfig("foo")`
`373`	`373`	`if err != nil {`
`374`	`374`	`t.Fatalf("Should have found a profile: %v", err)`
`375`	`375`	`}`
`@@ -406,7 +406,7 @@ source_profile=root`
`406`	`406`	`}`
`407`	`407`
`408`	`408`	`configLoader := &vault.ConfigLoader{File: configFile}`
`409`		`- config, err := configLoader.LoadFromProfile("foo")`
	`409`	`+ config, err := configLoader.GetProfileConfig("foo")`
`410`	`410`	`if err != nil {`
`411`	`411`	`t.Fatalf("Should have found a profile: %v", err)`
`412`	`412`	`}`
`@@ -441,7 +441,7 @@ func TestSetSessionTags(t *testing.T) {`
`441`	`441`	`}`
`442`	`442`
`443`	`443`	`for _, tc := range testCases {`
`444`		`- config := vault.Config{}`
	`444`	`+ config := vault.ProfileConfig{}`
`445`	`445`	`err := config.SetSessionTags(tc.stringValue)`
`446`	`446`	`if tc.ok {`
`447`	`447`	`if err != nil {`
`@@ -473,7 +473,7 @@ func TestSetTransitiveSessionTags(t *testing.T) {`
`473`	`473`	`}`
`474`	`474`
`475`	`475`	`for _, tc := range testCases {`
`476`		`- config := vault.Config{}`
	`476`	`+ config := vault.ProfileConfig{}`
`477`	`477`	`config.SetTransitiveSessionTags(tc.stringValue)`
`478`	`478`	`if !reflect.DeepEqual(tc.expected, config.TransitiveSessionTags) {`
`479`	`479`	`t.Fatalf("Expected TransitiveSessionTags: %+v, got %+v", tc.expected, config.TransitiveSessionTags)`
`@@ -496,7 +496,7 @@ transitive_session_tags = tagOne ,tagTwo,tagThree`
`496`	`496`	`t.Fatal(err)`
`497`	`497`	`}`
`498`	`498`	`configLoader := &vault.ConfigLoader{File: configFile, ActiveProfile: "tagged"}`
`499`		`- config, err := configLoader.LoadFromProfile("tagged")`
	`499`	`+ config, err := configLoader.GetProfileConfig("tagged")`
`500`	`500`	`if err != nil {`
`501`	`501`	`t.Fatalf("Should have found a profile: %v", err)`
`502`	`502`	`}`
`@@ -533,7 +533,7 @@ transitive_session_tags = tagOne ,tagTwo,tagThree`
`533`	`533`	`t.Fatal(err)`
`534`	`534`	`}`
`535`	`535`	`configLoader := &vault.ConfigLoader{File: configFile, ActiveProfile: "tagged"}`
`536`		`- config, err := configLoader.LoadFromProfile("tagged")`
	`536`	`+ config, err := configLoader.GetProfileConfig("tagged")`
`537`	`537`	`if err != nil {`
`538`	`538`	`t.Fatalf("Should have found a profile: %v", err)`
`539`	`539`	`}`
`@@ -578,7 +578,7 @@ source_profile = interim`
`578`	`578`	`t.Fatal(err)`
`579`	`579`	`}`
`580`	`580`	`configLoader := &vault.ConfigLoader{File: configFile, ActiveProfile: "target"}`
`581`		`- config, err := configLoader.LoadFromProfile("target")`
	`581`	`+ config, err := configLoader.GetProfileConfig("target")`
`582`	`582`	`if err != nil {`
`583`	`583`	`t.Fatalf("Should have found a profile: %v", err)`
`584`	`584`	`}`
`@@ -640,13 +640,13 @@ credential_process = true`
`640`	`640`	`configFile, _ := vault.LoadConfig(f)`
`641`	`641`	`configLoader := &vault.ConfigLoader{File: configFile}`
`642`	`642`
`643`		`- config, _ := configLoader.LoadFromProfile("foo:staging")`
	`643`	`+ config, _ := configLoader.GetProfileConfig("foo:staging")`
`644`	`644`	`err := config.Validate()`
`645`	`645`	`if err != nil {`
`646`	`646`	`t.Fatalf("Should have validated: %v", err)`
`647`	`647`	`}`
`648`	`648`
`649`		`- config, _ = configLoader.LoadFromProfile("foo:production")`
	`649`	`+ config, _ = configLoader.GetProfileConfig("foo:production")`
`650`	`650`	`err = config.Validate()`
`651`	`651`	`if err == nil {`
`652`	`652`	`t.Fatalf("Should have failed validation: %v", err)`
Original file line number	Diff line number	Diff line change
`@@ -33,7 +33,7 @@ func (m *Mfa) GetMfaSerial() string {`
`33`	`33`	`return m.mfaSerial`
`34`	`34`	`}`
`35`	`35`
`36`		`-func NewMfa(config Config) Mfa {`
	`36`	`+func NewMfa(config ProfileConfig) Mfa {`
`37`	`37`	`m := Mfa{`
`38`	`38`	`mfaSerial: config.MfaSerial,`
`39`	`39`	`}`