search

Nike-Inc / gimme-aws-creds

A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials
Apache License 2.0
919 stars 262 forks source link

Allow `gimme_aws_creds.ui.UserInterface` to provide input for passwords #428

Closed jbgosselin closed 11 months ago

jbgosselin commented 11 months ago

Overriding gimme_aws_creds.ui.UserInterface allows to specify how to handle user inputs.

Expected Behavior

All user inputs should pass through gimme_aws_creds.ui.UserInterface functions.

Current Behavior

Some user inputs bypass the gimme_aws_creds.ui.UserInterface

Possible Solution

429

Steps to Reproduce (for bugs)

import os
import sys
import gimme_aws_creds.main
import gimme_aws_creds.ui

class AutoUI(gimme_aws_creds.ui.UserInterface):
    def __init__(self, environ=os.environ, argv=None):
        super().__init__(environ, argv)
        self._last_prompt = None
        self._op_data = {
            "username": "me",
            "password": "changeme",
            "otp": "123456",
        }

    def result(self, result):
        print("Calls result")
        print(result)

    def prompt(self, message):
        print("Calls prompt")
        if message.startswith("Enter verification code:"):
            self._last_prompt = "otp"
        elif message.startswith("Okta Password for "):
            self._last_prompt = "password"
        elif message.startswith("Username:"):
            self._last_prompt = "username"
        else:
            raise Exception('Unknown prompt "{}"'.format(message))
        print(message)

    def message(self, message):
        print("Calls message")
        print(message)

    def read_input(self, hidden=False):
        if self._last_prompt is None:
            raise Exception("No prompt before read_input")
        return self._op_data[self._last_prompt]

    def notify(self, message):
        print("Calls notify")
        print(message)

ui = AutoUI(argv=sys.argv)
creds = gimme_aws_creds.main.GimmeAWSCreds(ui=ui)
print(creds)

# Print out all selected roles:
for role in creds.aws_selected_roles:
    print(role)

Context

I'm currently in the process of creating a python script to automate my login with gimme-aws-creds with my password manager and I cannot provide my password through gimme_aws_creds.ui.UserInterface subclass.

Your Environment