Migrate SSO profile properties to the SDK class (#2965)

abrooksv · web-flow · commit 1eb5c18918db · 2021-11-16T10:01:26.000-08:00
diff --git a/core/src/software/aws/toolkits/core/credentials/sso/SsoProfileProperty.kt b/core/src/software/aws/toolkits/core/credentials/sso/SsoProfileProperty.kt
diff --git a/jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/profiles/ProfileCredentialProviderFactory.kt b/jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/profiles/ProfileCredentialProviderFactory.kt
@@ -19,7 +19,6 @@ import software.aws.toolkits.core.credentials.CredentialSourceId
 import software.aws.toolkits.core.credentials.CredentialType
 import software.aws.toolkits.core.credentials.CredentialsChangeEvent
 import software.aws.toolkits.core.credentials.CredentialsChangeListener
-import software.aws.toolkits.core.credentials.sso.SSO_URL
 import software.aws.toolkits.core.credentials.sso.SsoCache
 import software.aws.toolkits.core.region.AwsRegion
 import software.aws.toolkits.jetbrains.core.credentials.MfaRequiredInteractiveCredentials
@@ -203,7 +202,7 @@ class ProfileCredentialProviderFactory(private val ssoCache: SsoCache = diskCach
     }
 
     private fun createAwsCredentialProvider(profile: Profile, region: AwsRegion) = when {
-        profile.propertyExists(SSO_URL) -> createSsoProvider(profile)
+        profile.propertyExists(ProfileProperty.SSO_START_URL) -> createSsoProvider(profile)
         profile.propertyExists(ProfileProperty.ROLE_ARN) -> createAssumeRoleProvider(profile, region)
         profile.propertyExists(ProfileProperty.AWS_SESSION_TOKEN) -> createStaticSessionProvider(profile)
         profile.propertyExists(ProfileProperty.AWS_ACCESS_KEY_ID) -> createBasicProvider(profile)
@@ -253,7 +252,7 @@ class ProfileCredentialProviderFactory(private val ssoCache: SsoCache = diskCach
                 name,
                 defaultRegion,
                 ssoCache,
-                this.traverseCredentialChain(profiles).map { it.property(SSO_URL) }.first { it.isPresent }.get(),
+                this.traverseCredentialChain(profiles).map { it.property(ProfileProperty.SSO_START_URL) }.first { it.isPresent }.get(),
                 requestedProfileType
             )
             else -> ProfileCredentialsIdentifier(name, defaultRegion, requestedProfileType)
@@ -264,11 +263,11 @@ class ProfileCredentialProviderFactory(private val ssoCache: SsoCache = diskCach
         .any { it.propertyExists(ProfileProperty.MFA_SERIAL) }
 
     private fun Profile.requiresSso(profiles: Map<String, Profile>) = this.traverseCredentialChain(profiles)
-        .any { it.propertyExists(SSO_URL) }
+        .any { it.propertyExists(ProfileProperty.SSO_START_URL) }
 }
 
 private fun Profile.toCredentialType(): CredentialType? = when {
-    this.propertyExists(SSO_URL) -> CredentialType.SsoProfile
+    this.propertyExists(ProfileProperty.SSO_START_URL) -> CredentialType.SsoProfile
     this.propertyExists(ProfileProperty.ROLE_ARN) -> {
         if (this.propertyExists(ProfileProperty.MFA_SERIAL)) {
             CredentialType.AssumeMfaRoleProfile
diff --git a/jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/profiles/ProfileReader.kt b/jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/profiles/ProfileReader.kt
@@ -6,10 +6,6 @@ package software.aws.toolkits.jetbrains.core.credentials.profiles
 import software.amazon.awssdk.profiles.Profile
 import software.amazon.awssdk.profiles.ProfileFile
 import software.amazon.awssdk.profiles.ProfileProperty
-import software.aws.toolkits.core.credentials.sso.SSO_ACCOUNT
-import software.aws.toolkits.core.credentials.sso.SSO_REGION
-import software.aws.toolkits.core.credentials.sso.SSO_ROLE_NAME
-import software.aws.toolkits.core.credentials.sso.SSO_URL
 import software.aws.toolkits.resources.message
 
 data class Profiles(val validProfiles: Map<String, Profile>, val invalidProfiles: Map<String, Exception>)
@@ -37,7 +33,7 @@ fun validateAndGetProfiles(): Profiles {
 
 private fun validateProfile(profile: Profile, allProfiles: Map<String, Profile>) {
     when {
-        profile.propertyExists(SSO_URL) -> validateSsoProfile(profile)
+        profile.propertyExists(ProfileProperty.SSO_START_URL) -> validateSsoProfile(profile)
         profile.propertyExists(ProfileProperty.ROLE_ARN) -> validateAssumeRoleProfile(profile, allProfiles)
         profile.propertyExists(ProfileProperty.AWS_SESSION_TOKEN) -> validateStaticSessionProfile(profile)
         profile.propertyExists(ProfileProperty.AWS_ACCESS_KEY_ID) -> validateBasicProfile(profile)
@@ -51,9 +47,9 @@ private fun validateProfile(profile: Profile, allProfiles: Map<String, Profile>)
 }
 
 fun validateSsoProfile(profile: Profile) {
-    profile.requiredProperty(SSO_ACCOUNT)
-    profile.requiredProperty(SSO_REGION)
-    profile.requiredProperty(SSO_ROLE_NAME)
+    profile.requiredProperty(ProfileProperty.SSO_ACCOUNT_ID)
+    profile.requiredProperty(ProfileProperty.SSO_REGION)
+    profile.requiredProperty(ProfileProperty.SSO_ROLE_NAME)
 }
 
 private fun validateAssumeRoleProfile(profile: Profile, allProfiles: Map<String, Profile>) {
diff --git a/jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/profiles/ProfileSsoProvider.kt b/jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/profiles/ProfileSsoProvider.kt
@@ -7,14 +7,11 @@ import software.amazon.awssdk.auth.credentials.AnonymousCredentialsProvider
 import software.amazon.awssdk.auth.credentials.AwsCredentials
 import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider
 import software.amazon.awssdk.profiles.Profile
+import software.amazon.awssdk.profiles.ProfileProperty
 import software.amazon.awssdk.regions.Region
 import software.amazon.awssdk.services.sso.SsoClient
 import software.amazon.awssdk.services.ssooidc.SsoOidcClient
 import software.amazon.awssdk.utils.SdkAutoCloseable
-import software.aws.toolkits.core.credentials.sso.SSO_ACCOUNT
-import software.aws.toolkits.core.credentials.sso.SSO_REGION
-import software.aws.toolkits.core.credentials.sso.SSO_ROLE_NAME
-import software.aws.toolkits.core.credentials.sso.SSO_URL
 import software.aws.toolkits.core.credentials.sso.SsoAccessTokenProvider
 import software.aws.toolkits.core.credentials.sso.SsoCredentialProvider
 import software.aws.toolkits.jetbrains.core.AwsClientManager
@@ -27,23 +24,23 @@ class ProfileSsoProvider(profile: Profile) : AwsCredentialsProvider, SdkAutoClos
     private val credentialsProvider: SsoCredentialProvider
 
     init {
-        val ssoRegion = profile.requiredProperty(SSO_REGION)
+        val ssoRegion = profile.requiredProperty(ProfileProperty.SSO_REGION)
         val clientManager = AwsClientManager.getInstance()
 
         ssoClient = clientManager.createUnmanagedClient(AnonymousCredentialsProvider.create(), Region.of(ssoRegion))
         ssoOidcClient = clientManager.createUnmanagedClient(AnonymousCredentialsProvider.create(), Region.of(ssoRegion))
 
         val ssoAccessTokenProvider = SsoAccessTokenProvider(
-            profile.requiredProperty(SSO_URL),
+            profile.requiredProperty(ProfileProperty.SSO_START_URL),
             ssoRegion,
             SsoPrompt,
             diskCache,
             ssoOidcClient
         )
 
         credentialsProvider = SsoCredentialProvider(
-            profile.requiredProperty(SSO_ACCOUNT),
-            profile.requiredProperty(SSO_ROLE_NAME),
+            profile.requiredProperty(ProfileProperty.SSO_ACCOUNT_ID),
+            profile.requiredProperty(ProfileProperty.SSO_ROLE_NAME),
             ssoClient,
             ssoAccessTokenProvider
         )
