def get_cookies(cookies=PHYTOZOME_COOKIES):
from jcvi.utils.console import console
# Check if cookies is still good
if op.exists(cookies) and last_updated(cookies) < 3600:
return cookies
if console.is_terminal:
username = console.input("[bold green]Phytozome Login: "******"[bold green]Phytozome Password: "******"curl")
if curlcmd is None:
logging.error("curl command not installed. Aborting.")
return None
cmd = "{} https://signon.jgi.doe.gov/signon/create".format(curlcmd)
cmd += " --data-urlencode 'login={0}' --data-urlencode 'password={1}' -b {2} -c {2}".format(
username, pw, cookies
)
sh(cmd, outfile="/dev/null", errfile="/dev/null", log=False)
if not op.exists(cookies):
logging.error("Cookies file `{}` not created. Aborting.".format(cookies))
return None
return cookies
def check_exists(filename, oappend=False):
"""
Avoid overwriting some files accidentally.
"""
from jcvi.utils.console import console
if op.exists(filename):
if oappend:
return oappend
overwrite = (console.input(
"`{}` found, overwrite (Y/n)?".format(filename)) == "Y")
else:
overwrite = True
return overwrite
def get_credentials(profile, args, config):
mfa_token = console.input(
"Enter AWS MFA code for device [%s] "
"(renewing for %s seconds): " % (args.device, args.duration)
)
boto3.setup_default_session(profile_name="default")
client = boto3.client("sts")
if args.assume_role:
logging.info(
"Assuming Role - Profile: %s, Role: %s, Duration: %s",
profile,
args.assume_role,
args.duration,
)
try:
print((args.assume_role, args.role_session_name, args.device, mfa_token))
response = client.assume_role(
RoleArn=args.assume_role,
RoleSessionName=args.role_session_name,
SerialNumber=args.device,
TokenCode=mfa_token,
)
except ClientError as e:
log_error_and_exit(
"An error occured while calling assume role: {}".format(e)
)
except ParamValidationError:
log_error_and_exit("Token must be six digits")
config.set(
profile,
"assumed_role",
"True",
)
config.set(
profile,
"assumed_role_arn",
args.assume_role,
)
else:
logging.info(
"Fetching Credentials - Profile: %s, Duration: %s", profile, args.duration
)
try:
response = client.get_session_token(
DurationSeconds=args.duration,
SerialNumber=args.device,
TokenCode=mfa_token,
)
except ClientError as e:
log_error_and_exit(
"An error occured while calling assume role: {}".format(e)
)
except ParamValidationError:
log_error_and_exit("Token must be six digits")
config.set(
profile,
"assumed_role",
"False",
)
config.remove_option(profile, "assumed_role_arn")
# aws_session_token and aws_security_token are both added
# to support boto and boto3
options = [
("aws_access_key_id", "AccessKeyId"),
("aws_secret_access_key", "SecretAccessKey"),
("aws_session_token", "SessionToken"),
("aws_security_token", "SessionToken"),
]
for option, value in options:
config.set(profile, option, response["Credentials"][value])
# Save expiration individiually, so it can be manipulated
config.set(
profile,
"expiration",
response["Credentials"]["Expiration"].strftime("%Y-%m-%d %H:%M:%S"),
)
with open(AWS_CREDS_PATH, "w") as configfile:
config.write(configfile)
logging.info(
"Success! Your credentials will expire in %s seconds at: %s"
% (args.duration, response["Credentials"]["Expiration"])
)