fix: allow for credential process

Author: dnitsch

Makefile

@@ -1,5 +1,5 @@
 NAME := aws-cli-auth
-VERSION := v0.1.0
+VERSION := v0.2.0
 REVISION := $(shell git rev-parse --short HEAD)
 
 LDFLAGS := -ldflags="-s -w -X \"github.com/dnitsch/aws-cli-auth/version.Version=$(VERSION)\" -X \"github.com/dnitsch/aws-cli-auth/version.Revision=$(REVISION)\" -extldflags -static"

README.md

@@ -105,18 +105,19 @@ To give it a quick test.
 aws sts get-caller-identity --profile=nonprod_saml_admin
 ```
 
-<!-- ### Integrate aws-cli
+### Integrate aws-cli
 
 [Sourcing credentials with an external process](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sourcing-external.html) describes how to integrate aws-cli with external tool.
 You can use `aws-cli-auth` as the external process. Add the following lines to your `.aws/config` file.
 
 ```
-[profile ]
-credential_process=aws-cli-auth get-cred -p myop -r arn:aws:iam::123456789012:role/developer -j -s -d 43200
+[profile test_nonprod_iag]
+region = eu-west-1
+credential_process=aws-cli-auth saml -p https://your-idp.com/idp/foo?PARTNER=urn:amazon:webservices --principal arn:aws:iam::XXXXXXXXXX:saml-provider/IDP_ENTITY_ID -r arn:aws:iam::XXXXXXXXXX:role/Developer -d 3600
 ```
 
-Caution: The AWS temporary credentials will be saved into your OS secret store by using `-s` option to reduce authentication each time you use `aws-cli` tool.
--->
+Notice the missing `-s` | `--store-profile` flag
+
 ## Licence
  WFTPL
 

cmd/saml.go

@@ -1,13 +1,8 @@
 package cmd
 
 import (
-	"fmt"
-	"os/user"
-
 	"github.com/dnitsch/aws-cli-auth/internal/config"
 	"github.com/dnitsch/aws-cli-auth/internal/saml"
-	"github.com/dnitsch/aws-cli-auth/internal/util"
-	"github.com/dnitsch/aws-cli-auth/internal/web"
 	"github.com/spf13/cobra"
 )
 
@@ -35,26 +30,14 @@ func init() {
 }
 
 func getSaml(cmd *cobra.Command, args []string) {
-	if cfgSectionName == "" {
-		util.Writeln("The SAML provider name is required")
-		util.Exit(nil)
-	}
-
-	t, err := web.GetSamlLogin(providerUrl, acsUrl)
-	if err != nil {
-		fmt.Printf("Err: %v", err)
+	conf := config.SamlConfig{
+		ProviderUrl:  providerUrl,
+		PrincipalArn: principalArn,
+		Duration:     duration,
+		AcsUrl:       acsUrl,
+		BaseConfig:   config.BaseConfig{StoreInProfile: storeInProfile, Role: role, CfgSectionName: cfgSectionName},
 	}
-	user, err := user.Current()
-	if err != nil {
-		fmt.Errorf(err.Error())
-	}
-
-	roleObj := &util.AWSRole{RoleARN: role, PrincipalARN: principalArn, Name: util.SessionName(user.Username, config.SELF_NAME), Duration: duration}
 
-	creds, err := saml.LoginStsSaml(t, roleObj)
-	if err != nil {
-		fmt.Printf("%v", err)
-	}
+	saml.GetSamlCreds(conf)
 
-	util.SetCredentials(creds, cfgSectionName, storeInProfile)
 }

go.mod

@@ -8,12 +8,20 @@ require (
 	github.com/pkg/errors v0.9.1
 	github.com/spf13/cobra v1.3.0
 	github.com/spf13/viper v1.10.1
+	github.com/zalando/go-keyring v0.2.0
 )
 
 require (
+	github.com/alessio/shellescape v1.4.1 // indirect
+	github.com/danieljoos/wincred v1.1.0 // indirect
+	github.com/godbus/dbus/v5 v5.0.6 // indirect
+	github.com/gofrs/flock v0.7.1 // indirect
+	github.com/google/uuid v1.1.2 // indirect
+	github.com/spaolacci/murmur3 v1.1.0 // indirect
 	github.com/ysmood/goob v0.3.1 // indirect
 	github.com/ysmood/gson v0.6.4 // indirect
 	github.com/ysmood/leakless v0.7.0 // indirect
+	golang.org/x/crypto v0.0.0-20210817164053-32db794688a5 // indirect
 )
 
 require (
@@ -30,6 +38,7 @@ require (
 	github.com/spf13/jwalterweatherman v1.1.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/subosito/gotenv v1.2.0 // indirect
+	github.com/werf/lockgate v0.0.0-20211004100849-f85d5325b201
 	golang.org/x/sys v0.0.0-20220209214540-3681064d5158 // indirect
 	golang.org/x/text v0.3.7 // indirect
 	gopkg.in/ini.v1 v1.66.2