Skip to content

Commit b55301a

Browse files
dnitschdnitsch
committed
fix: add validator to the final config struct
1 parent 26a7f29 commit b55301a

File tree

4 files changed

+76
-13
lines changed

4 files changed

+76
-13
lines changed

cmd/saml.go

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,12 +13,14 @@ import (
1313
"github.com/DevLabFoundry/aws-cli-auth/internal/web"
1414
"github.com/aws/aws-sdk-go-v2/config"
1515
"github.com/aws/aws-sdk-go-v2/service/sts"
16+
validator "github.com/rezakhademix/govalidator/v2"
1617
"github.com/spf13/cobra"
1718
"gopkg.in/ini.v1"
1819
)
1920

2021
var (
2122
ErrUnableToCreateSession = errors.New("sts - cannot start a new session")
23+
ErrValidationFailed = errors.New("missing values")
2224
)
2325

2426
const (
@@ -219,5 +221,20 @@ func ConfigFromFlags(fileConfig *credentialexchange.CredentialConfig, rf *RootCm
219221

220222
fileConfig.BaseConfig = baseConf
221223
fileConfig.Duration = d
224+
225+
return configValid(fileConfig)
226+
}
227+
228+
func configValid(config *credentialexchange.CredentialConfig) error {
229+
v := validator.New()
230+
231+
v.RequiredString(config.ProviderUrl, "provider-url", "provider url must be specified").
232+
RequiredString(config.BaseConfig.Role, "role", "role must be provided").
233+
RequiredString(config.PrincipalArn, "principal-arn", "principal ARN must be provided").
234+
CustomRule(!(len(config.BaseConfig.Role) > 1 && len(config.SsoRole) > 1), "sso-role", "sso-role cannot be specified when role is also set")
235+
236+
if v.IsFailed() {
237+
return fmt.Errorf("%w %#q", ErrValidationFailed, v.Errors())
238+
}
222239
return nil
223240
}

cmd/saml_test.go

Lines changed: 55 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,21 +1,23 @@
11
package cmd_test
22

33
import (
4+
"errors"
45
"testing"
56

67
"github.com/DevLabFoundry/aws-cli-auth/cmd"
78
"github.com/DevLabFoundry/aws-cli-auth/internal/credentialexchange"
89
"github.com/go-test/deep"
910
)
1011

11-
func Test_ConfigMerge(t *testing.T) {
12+
func Test_ConfigMerge_succeeds(t *testing.T) {
1213
conf := &credentialexchange.CredentialConfig{
1314
BaseConfig: credentialexchange.BaseConfig{
1415
BrowserExecutablePath: "/foo/path",
1516
Role: "role1",
1617
RoleChain: []string{"role-123"},
1718
},
18-
ProviderUrl: "https://my-idp.com/?app_id=testdd",
19+
PrincipalArn: "aw:arn:....123",
20+
ProviderUrl: "https://my-idp.com/?app_id=testdd",
1921
}
2022
if err := cmd.ConfigFromFlags(conf, &cmd.RootCmdFlags{}, &cmd.SamlCmdFlags{Role: "role-overridden-from-flags"}, "me"); err != nil {
2123
t.Fatal(err)
@@ -28,8 +30,59 @@ func Test_ConfigMerge(t *testing.T) {
2830
RoleChain: []string{"role-123"},
2931
Username: "me",
3032
},
33+
PrincipalArn: "aw:arn:....123",
3134
}
3235
if diff := deep.Equal(conf, want); len(diff) > 0 {
3336
t.Errorf("diff: %v", diff)
3437
}
3538
}
39+
40+
func Test_ConfigMerge_fails_with_missing(t *testing.T) {
41+
t.Run("provider not provided", func(t *testing.T) {
42+
43+
conf := &credentialexchange.CredentialConfig{
44+
BaseConfig: credentialexchange.BaseConfig{
45+
BrowserExecutablePath: "/foo/path",
46+
Role: "",
47+
RoleChain: []string{"role-123"},
48+
},
49+
ProviderUrl: "",
50+
}
51+
err := cmd.ConfigFromFlags(conf, &cmd.RootCmdFlags{}, &cmd.SamlCmdFlags{Role: "role-overridden-from-flags"}, "me")
52+
if !errors.Is(err, cmd.ErrValidationFailed) {
53+
t.Error(err)
54+
}
55+
})
56+
t.Run("role not provided", func(t *testing.T) {
57+
58+
conf := &credentialexchange.CredentialConfig{
59+
BaseConfig: credentialexchange.BaseConfig{
60+
BrowserExecutablePath: "/foo/path",
61+
Role: "",
62+
RoleChain: []string{"role-123"},
63+
},
64+
ProviderUrl: "https://my-idp.com/?app_id=testdd",
65+
}
66+
err := cmd.ConfigFromFlags(conf, &cmd.RootCmdFlags{}, &cmd.SamlCmdFlags{}, "me")
67+
if !errors.Is(err, cmd.ErrValidationFailed) {
68+
t.Error(err)
69+
}
70+
})
71+
t.Run("role and sso-role provided", func(t *testing.T) {
72+
73+
conf := &credentialexchange.CredentialConfig{
74+
BaseConfig: credentialexchange.BaseConfig{
75+
BrowserExecutablePath: "/foo/path",
76+
Role: "",
77+
RoleChain: []string{"role-123"},
78+
},
79+
SsoRegion: "foo",
80+
SsoRole: "foo:bar",
81+
ProviderUrl: "https://my-idp.com/?app_id=testdd",
82+
}
83+
err := cmd.ConfigFromFlags(conf, &cmd.RootCmdFlags{}, &cmd.SamlCmdFlags{}, "me")
84+
if !errors.Is(err, cmd.ErrValidationFailed) {
85+
t.Error(err)
86+
}
87+
})
88+
}

go.mod

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,14 @@
11
module github.com/DevLabFoundry/aws-cli-auth
22

3-
go 1.25.4
3+
go 1.25.5
44

55
require (
66
github.com/aws/aws-sdk-go-v2 v1.39.6
77
github.com/aws/aws-sdk-go-v2/config v1.31.20
88
github.com/aws/aws-sdk-go-v2/service/sts v1.40.2
99
github.com/aws/smithy-go v1.23.2
1010
github.com/go-rod/rod v0.116.2
11+
github.com/rezakhademix/govalidator/v2 v2.1.2
1112
github.com/spf13/cobra v1.10.1
1213
github.com/werf/lockgate v0.1.1
1314
github.com/zalando/go-keyring v0.2.6

go.sum

Lines changed: 2 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -6,12 +6,8 @@ github.com/Ensono/eirctl v0.9.6 h1:G6S0ZJ2VtedGW2/nn8sbMQnNbLVXgjwNJnuLEHUjJRc=
66
github.com/Ensono/eirctl v0.9.6/go.mod h1:pxX1iE+guf8Lyvs98FkNnMKqyTtHaLrJgB3f4foEROk=
77
github.com/aws/aws-sdk-go-v2 v1.39.6 h1:2JrPCVgWJm7bm83BDwY5z8ietmeJUbh3O2ACnn+Xsqk=
88
github.com/aws/aws-sdk-go-v2 v1.39.6/go.mod h1:c9pm7VwuW0UPxAEYGyTmyurVcNrbF6Rt/wixFqDhcjE=
9-
github.com/aws/aws-sdk-go-v2/config v1.31.19 h1:qdUtOw4JhZr2YcKO3g0ho/IcFXfXrrb8xlX05Y6EvSw=
10-
github.com/aws/aws-sdk-go-v2/config v1.31.19/go.mod h1:tMJ8bur01t8eEm0atLadkIIFA154OJ4JCKZeQ+o+R7k=
119
github.com/aws/aws-sdk-go-v2/config v1.31.20 h1:/jWF4Wu90EhKCgjTdy1DGxcbcbNrjfBHvksEL79tfQc=
1210
github.com/aws/aws-sdk-go-v2/config v1.31.20/go.mod h1:95Hh1Tc5VYKL9NJ7tAkDcqeKt+MCXQB1hQZaRdJIZE0=
13-
github.com/aws/aws-sdk-go-v2/credentials v1.18.23 h1:IQILcxVgMO2BVLaJ2aAv21dKWvE1MduNrbvuK43XL2Q=
14-
github.com/aws/aws-sdk-go-v2/credentials v1.18.23/go.mod h1:JRodHszhVdh5TPUknxDzJzrMiznG+M+FfR3WSWKgCI8=
1511
github.com/aws/aws-sdk-go-v2/credentials v1.18.24 h1:iJ2FmPT35EaIB0+kMa6TnQ+PwG5A1prEdAw+PsMzfHg=
1612
github.com/aws/aws-sdk-go-v2/credentials v1.18.24/go.mod h1:U91+DrfjAiXPDEGYhh/x29o4p0qHX5HDqG7y5VViv64=
1713
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13 h1:T1brd5dR3/fzNFAQch/iBKeX07/ffu/cLu+q+RuzEWk=
@@ -26,16 +22,10 @@ github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.3 h1:x2Ibm/A
2622
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.3/go.mod h1:IW1jwyrQgMdhisceG8fQLmQIydcT/jWY21rFhzgaKwo=
2723
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.13 h1:kDqdFvMY4AtKoACfzIGD8A0+hbT41KTKF//gq7jITfM=
2824
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.13/go.mod h1:lmKuogqSU3HzQCwZ9ZtcqOc5XGMqtDK7OIc2+DxiUEg=
29-
github.com/aws/aws-sdk-go-v2/service/sso v1.30.2 h1:/p6MxkbQoCzaGQT3WO0JwG0FlQyG9RD8VmdmoKc5xqU=
30-
github.com/aws/aws-sdk-go-v2/service/sso v1.30.2/go.mod h1:fKvyjJcz63iL/ftA6RaM8sRCtN4r4zl4tjL3qw5ec7k=
3125
github.com/aws/aws-sdk-go-v2/service/sso v1.30.3 h1:NjShtS1t8r5LUfFVtFeI8xLAHQNTa7UI0VawXlrBMFQ=
3226
github.com/aws/aws-sdk-go-v2/service/sso v1.30.3/go.mod h1:fKvyjJcz63iL/ftA6RaM8sRCtN4r4zl4tjL3qw5ec7k=
33-
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.6 h1:0dES42T2dhICCbVB3JSTTn7+Bz93wfJEK1b7jksZIyQ=
34-
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.6/go.mod h1:klO+ejMvYsB4QATfEOIXk8WAEwN4N0aBfJpvC+5SZBo=
3527
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7 h1:gTsnx0xXNQ6SBbymoDvcoRHL+q4l/dAFsQuKfDWSaGc=
3628
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7/go.mod h1:klO+ejMvYsB4QATfEOIXk8WAEwN4N0aBfJpvC+5SZBo=
37-
github.com/aws/aws-sdk-go-v2/service/sts v1.40.1 h1:5sbIM57lHLaEaNWdIx23JH30LNBsSDkjN/QXGcRLAFc=
38-
github.com/aws/aws-sdk-go-v2/service/sts v1.40.1/go.mod h1:E19xDjpzPZC7LS2knI9E6BaRFDK43Eul7vd6rSq2HWk=
3929
github.com/aws/aws-sdk-go-v2/service/sts v1.40.2 h1:HK5ON3KmQV2HcAunnx4sKLB9aPf3gKGwVAf7xnx0QT0=
4030
github.com/aws/aws-sdk-go-v2/service/sts v1.40.2/go.mod h1:E19xDjpzPZC7LS2knI9E6BaRFDK43Eul7vd6rSq2HWk=
4131
github.com/aws/smithy-go v1.23.2 h1:Crv0eatJUQhaManss33hS5r40CG3ZFH+21XSkqMrIUM=
@@ -85,6 +75,8 @@ github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db h1:62I3jR2Em
8575
github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db/go.mod h1:l0dey0ia/Uv7NcFFVbCLtqEBQbrT4OCwCSKTEv6enCw=
8676
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
8777
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
78+
github.com/rezakhademix/govalidator/v2 v2.1.2 h1:qqCIkWC6sWr8zeW9zCkYEJxbZMt/Dn1ASXkGIQe3rDI=
79+
github.com/rezakhademix/govalidator/v2 v2.1.2/go.mod h1:be7JrYM3STiL5jYt1WrQN5ArR8xTov/DvWJ9yXtULj8=
8880
github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
8981
github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
9082
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=

0 commit comments

Comments
 (0)