Sync fails when values have double-quotes

[chickenandpork]

When parameters have double-quotes, and these values are split for use in a child shell, the split ignores double-quotes, resulting in a " in the parameter, which conflicts with a shell command.

basics

• yawsso 0.6.2
• MacOS 12.4
• AWSCLI 2.7.13
• bash 3.2.57(1)
• Python 3.9.12 (via brew)

stack dump

  File "/usr/local/lib/python3.9/site-packages/yawsso/cli.py", line 260, in get_role_max_session_duration
    get_role_success, get_role_output = invoke(cmd_get_role)
  File "/usr/local/lib/python3.9/site-packages/yawsso/cli.py", line 117, in invoke
    output = subprocess.check_output(shlex.split(cmd), stderr=subprocess.STDOUT).decode()
  File "/usr/local/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/shlex.py", line 315, in split
    return list(lex)
  File "/usr/local/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/shlex.py", line 300, in __next__
    token = self.get_token()
  File "/usr/local/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/shlex.py", line 109, in get_token
    raw = self.read_token()
  File "/usr/local/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/shlex.py", line 191, in read_token
    raise ValueError("No closing quotation")
ValueError: No closing quotation

debug

--- /usr/local/lib/python3.9/site-packages/yawsso/cli.py    2022-07-28 15:01:52.000000000 -0700
+++ /usr/local/lib/python3.9/site-packages/yawsso/cli.py    2022-07-28 15:01:39.000000000 -0700
@@ -114,4 +114,5 @@
 def invoke(cmd):
     try:
+        print("trying [{}]".format(cmd))
         output = subprocess.check_output(shlex.split(cmd), stderr=subprocess.STDOUT).decode()
         success = True

yields:

trying [aws iam get-role --output json --profile {profilename} --role-name profile_role" --region {region}]
Traceback (most recent call last):
  File "/usr/local/bin/yawsso", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.9/site-packages/yawsso/cli.py", line 544, in main
    credentials = update_profile(profile_name, config)
  File "/usr/local/lib/python3.9/site-packages/yawsso/cli.py", line 363, in update_profile
    credentials = fetch_credentials_with_assume_role(profile_name, profile)
  File "/usr/local/lib/python3.9/site-packages/yawsso/cli.py", line 272, in fetch_credentials_with_assume_role
    duration_seconds = get_role_max_session_duration(profile_name, profile)
  File "/usr/local/lib/python3.9/site-packages/yawsso/cli.py", line 260, in get_role_max_session_duration
    get_role_success, get_role_output = invoke(cmd_get_role)
  File "/usr/local/lib/python3.9/site-packages/yawsso/cli.py", line 117, in invoke
    output = subprocess.check_output(shlex.split(cmd), stderr=subprocess.STDOUT).decode()
  File "/usr/local/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/shlex.py", line 315, in split
    return list(lex)
  File "/usr/local/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/shlex.py", line 300, in __next__
    token = self.get_token()
  File "/usr/local/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/shlex.py", line 109, in get_token
    raw = self.read_token()
  File "/usr/local/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/shlex.py", line 191, in read_token
    raise ValueError("No closing quotation")
ValueError: No closing quotation

Repaired by:

--- .aws/config 2022-07-28 14:33:42.000000000 -0700
+++ .aws/config 2022-07-28 14:33:47.000000000 -0700
@@ -42,3 +42,3 @@
 source_profile = ...
-role_arn = "arn:aws:iam::123456789012:role/profile_role"
+role_arn = arn:aws:iam::123456789012:role/profile_role
 region = ...region...

[victorskl]

Thanks for reporting and forensic. I will include a check with it in next release milestone.

[victorskl]

Fixed since 1.0.0rc2. User test avail with pip install -U yawsso==1.0.0rc2

[chickenandpork]

Awesome -- and so fast! :)