If last-used credentials do not exist, create them

Author: null93

internal/creds-last-used.go

@@ -16,7 +16,7 @@ var credsLastUsedCmd = &cobra.Command{
 		if err != nil {
 			ExitWithError(1, "failed to get last used role", err)
 		}
-		if role.Credentials.IsExpired() {
+		if role.Credentials == nil || role.Credentials.IsExpired() {
 			sessions, err := credentials.GetSessions()
 			if err != nil {
 				ExitWithError(2, "failed to parse sso sessions", err)
@@ -25,18 +25,24 @@ var credsLastUsedCmd = &cobra.Command{
 			if session == nil {
 				ExitWithError(3, "failed to find sso session " + role.SessionName, err)
 			}
+			if session.ClientToken == nil || session.ClientToken.IsExpired() {
+				err := ClientLogin(session)
+				if err != nil {
+					ExitWithError(4, "failed to authorize device login", err)
+				}
+			}
 			err = session.RefreshRoleCredentials(&role)
 			if err != nil {
-				ExitWithError(4, "failed to get credentials", err)
+				ExitWithError(5, "failed to get credentials", err)
 			}
 			err = role.Credentials.Save(session.Name, role.CacheKey())
 			if err != nil {
-				ExitWithError(5, "failed to save credentials", err)
+				ExitWithError(6, "failed to save credentials", err)
 			}
 		}
 		serialized, err := role.Credentials.ToJSON()
 		if err != nil {
-			ExitWithError(2, "failed to serialize role credentials", err)
+			ExitWithError(7, "failed to serialize role credentials", err)
 		}
 		fmt.Println(serialized)
 	},

internal/creds-select.go

@@ -45,6 +45,12 @@ var credsSelectCmd = &cobra.Command{
 			if session == nil {
 				ExitWithError(3, "failed to find sso session " + selectedRole.SessionName, err)
 			}
+			if session.ClientToken == nil || session.ClientToken.IsExpired() {
+				err := ClientLogin(session)
+				if err != nil {
+					ExitWithError(4, "failed to authorize device login", err)
+				}
+			}
 			err = session.RefreshRoleCredentials(&selectedRole)
 			if err != nil {
 				ExitWithError(4, "failed to get credentials", err)

internal/root.go

@@ -5,6 +5,9 @@ import (
 	"os"
 	"syscall"
 
+	. "github.com/null93/aws-knox/sdk/style"
+	"github.com/null93/aws-knox/sdk/credentials"
+	"github.com/pkg/browser"
 	"github.com/null93/aws-knox/pkg/ansi"
 	"github.com/null93/aws-knox/pkg/color"
 	"github.com/spf13/cobra"
@@ -29,6 +32,43 @@ func ExitWithError(code int, message string, err error) {
 	os.Exit(code)
 }
 
+func ClientLogin(session *credentials.Session) error {
+	if err := session.RegisterClient(); err != nil {
+		return err
+	}
+	userCode, deviceCode, url, urlFull, err := session.StartDeviceAuthorization()
+	if err != nil {
+		return err
+	}
+	yellow := color.ToForeground(YellowColor).Decorator()
+	gray := color.ToForeground(LightGrayColor).Decorator()
+	title := TitleStyle.Decorator()
+	DefaultStyle.Printfln("")
+	DefaultStyle.Printfln("%s %s", title("SSO Session:      "), gray(session.Name))
+	DefaultStyle.Printfln("%s %s", title("SSO Start URL:    "), gray(session.StartUrl))
+	DefaultStyle.Printfln("%s %s", title("Authorization URL:"), gray(url))
+	DefaultStyle.Printfln("%s %s", title("Device Code:      "), yellow(userCode))
+	DefaultStyle.Printfln("")
+	DefaultStyle.Printf("Waiting for authorization to complete...")
+	err = browser.OpenURL(urlFull)
+	if err != nil {
+		ansi.MoveCursorUp(6)
+		ansi.ClearDown()
+		return err
+	}
+	err = session.WaitForToken(deviceCode)
+	ansi.MoveCursorUp(6)
+	ansi.ClearDown()
+	if err != nil {
+		return err
+	}
+	err = session.Save()
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
 func init() {
 	RootCmd.Flags().SortFlags = true
 	RootCmd.Root().CompletionOptions.DisableDefaultCmd = true

internal/select.go

@@ -4,12 +4,8 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/null93/aws-knox/pkg/ansi"
-	"github.com/null93/aws-knox/pkg/color"
 	"github.com/null93/aws-knox/sdk/credentials"
 	"github.com/null93/aws-knox/sdk/picker"
-	. "github.com/null93/aws-knox/sdk/style"
-	"github.com/pkg/browser"
 	"github.com/spf13/cobra"
 )
 
@@ -56,47 +52,18 @@ var selectCredentialsCmd = &cobra.Command{
 			ExitWithError(4, "session with passed name not found", err)
 		}
 		if session.ClientToken == nil || session.ClientToken.IsExpired() {
-			if err := session.RegisterClient(); err != nil {
-				ExitWithError(5, "failed to register client", err)
-			}
-			userCode, deviceCode, url, urlFull, err := session.StartDeviceAuthorization()
-			if err != nil {
-				ExitWithError(6, "failed to start device authorization", err)
-			}
-			yellow := color.ToForeground(YellowColor).Decorator()
-			gray := color.ToForeground(LightGrayColor).Decorator()
-			title := TitleStyle.Decorator()
-			DefaultStyle.Printfln("")
-			DefaultStyle.Printfln("%s %s", title("SSO Session:      "), gray(session.Name))
-			DefaultStyle.Printfln("%s %s", title("SSO Start URL:    "), gray(session.StartUrl))
-			DefaultStyle.Printfln("%s %s", title("Authorization URL:"), gray(url))
-			DefaultStyle.Printfln("%s %s", title("Device Code:      "), yellow(userCode))
-			DefaultStyle.Printfln("")
-			DefaultStyle.Printf("Waiting for authorization to complete...")
-			err = browser.OpenURL(urlFull)
-			if err != nil {
-				ansi.MoveCursorUp(6)
-				ansi.ClearDown()
-				ExitWithError(7, "failed to open url in browser", err)
-			}
-			err = session.WaitForToken(deviceCode)
-			ansi.MoveCursorUp(6)
-			ansi.ClearDown()
-			if err != nil {
-				ExitWithError(8, "failed to wait for token", err)
-			}
-			err = session.Save()
+			err := ClientLogin(session)
 			if err != nil {
-				ExitWithError(9, "failed to save session", err)
+				ExitWithError(5, "failed to authorize device login", err)
 			}
 		}
 		if accountId == "" {
 			accountIds, err := session.GetAccounts()
 			if err != nil {
-				ExitWithError(10, "failed to get account ids", err)
+				ExitWithError(6, "failed to get account ids", err)
 			}
 			if len(accountIds) == 0 {
-				ExitWithError(11, "no accounts found", err)
+				ExitWithError(7, "no accounts found", err)
 			}
 			p := picker.NewPicker()
 			p.WithMaxHeight(5)
@@ -108,14 +75,14 @@ var selectCredentialsCmd = &cobra.Command{
 			}
 			selection := p.Pick()
 			if selection == nil {
-				ExitWithError(12, "failed to pick an account id", err)
+				ExitWithError(8, "failed to pick an account id", err)
 			}
 			accountId = selection.Value.(string)
 		}
 		roles, err := session.GetRoles(accountId)
 		if roleName == "" {
 			if err != nil {
-				ExitWithError(13, "failed to get roles", err)
+				ExitWithError(9, "failed to get roles", err)
 			}
 			p := picker.NewPicker()
 			p.WithMaxHeight(5)
@@ -131,30 +98,30 @@ var selectCredentialsCmd = &cobra.Command{
 			}
 			selection := p.Pick()
 			if selection == nil {
-				ExitWithError(14, "failed to pick a role name", err)
+				ExitWithError(10, "failed to pick a role name", err)
 			}
 			roleName = selection.Value.(string)
 		}
 		role := roles.FindByName(roleName)
 		if role == nil {
-			ExitWithError(15, "role with passed name not found", err)
+			ExitWithError(11, "role with passed name not found", err)
 		}
 		if role.Credentials == nil || role.Credentials.IsExpired() {
 			err := session.RefreshRoleCredentials(role)
 			if err != nil {
-				ExitWithError(16, "failed to get credentials", err)
+				ExitWithError(12, "failed to get credentials", err)
 			}
 			err = role.Credentials.Save(session.Name, role.CacheKey())
 			if err != nil {
-				ExitWithError(17, "failed to save credentials", err)
+				ExitWithError(13, "failed to save credentials", err)
 			}
 		}
 		if err := role.MarkLastUsed(); err != nil {
-			ExitWithError(18, "failed to mark last used role", err)
+			ExitWithError(14, "failed to mark last used role", err)
 		}
 		json, err := role.Credentials.ToJSON()
 		if err != nil {
-			ExitWithError(19, "failed to convert credentials to json", err)
+			ExitWithError(15, "failed to convert credentials to json", err)
 		}
 		fmt.Println(json)
 	},

sdk/credentials/session.go

@@ -292,7 +292,11 @@ func (s *Session) RefreshRoleCredentials(role *Role) error {
 	}
 	options := sso.Options{Region: s.Region}
 	client := sso.New(options)
-	params := sso.GetRoleCredentialsInput{AccessToken: &s.ClientToken.AccessToken, AccountId: &role.AccountId, RoleName: &role.Name}
+	params := sso.GetRoleCredentialsInput{
+		AccessToken: &s.ClientToken.AccessToken,
+		AccountId: &role.AccountId,
+		RoleName: &role.Name,
+	}
 	resp, err := client.GetRoleCredentials(context.TODO(), &params)
 	if err != nil {
 		return err