def templatae_url(url: str, **kwargs) -> str:
logger.debug('Templating url with: %s',
json.dumps(kwargs, indent=2, default=str))
for key, value in kwargs.items():
url = url.replace('{%s}' % key, value)
logger.debug('Destination url: %s', url)
return url
def post_add_arguments(config: dict, arguments: argparse.Namespace,
parser: argparse.ArgumentParser):
get_url, open_browser, print_url, service = parse_args(arguments, config)
if get_url is True and arguments.profile_name is None and arguments.role_arn is None and sys.stdin.isatty(
) and not arguments.json:
logger.debug('Openning console with current credentials')
session = boto3.session.Session()
creds = session.get_credentials()
if not creds:
raise exceptions.NoCredentialsError(
'No credentials to open the console with')
url = get_console_url(
{
'AccessKeyId': creds.access_key,
'SecretAccessKey': creds.secret_key,
'SessionToken': creds.token,
'Region': session.region_name,
}, service)
if config.get('console', {}).get('ext_container'):
url = 'ext+container:name=%s&url=' % arguments.target_profile_name + urllib.parse.quote_plus(
url)
if print_url:
safe_print(url)
elif open_browser:
try:
open_url(config, arguments, url)
except Exception as e:
safe_print('Cannot open browser: {}'.format(e))
safe_print('Here is the link: {}'.format(url))
exit(0)
def post_get_credentials(config: dict, arguments: argparse.Namespace,
profiles: dict, credentials: dict):
get_url, open_browser, print_url, service = parse_args(arguments, config)
if get_url:
logger.debug('Opening console with awsume\'d credentials')
url = get_console_url(credentials, service)
logger.debug('URL: {}'.format(url))
if print_url:
safe_print(url)
elif open_browser:
try:
open_url(config, arguments, url)
except Exception as e:
safe_print('Cannot open browser: {}'.format(e))
safe_print('Here is the link: {}'.format(url))
def post_add_arguments(
config: dict, arguments: argparse.Namespace, parser: argparse.ArgumentParser
):
logger.debug("Default Profile Plugin is active")
if not arguments.profile_name and not arguments.role_arn:
if os.environ.get(ENV_KEY):
logger.debug("Setting default profile from environment variable")
arguments.target_profile_name = os.environ[ENV_KEY]
elif config.get(CONFIG_KEY):
logger.debug("Setting default profile from config file")
arguments.target_profile_name = config[CONFIG_KEY]
else:
logger.debug(
'No default profile setting, falling back to target profile "default"'
)
arguments.target_profile_name = "default"
else:
logger.debug("Profile or role arn specified, skipping default profile settings")
def post_get_credentials(config: dict, arguments: argparse.Namespace,
profiles: dict, credentials: dict):
get_url, open_browser, print_url, service = parse_args(arguments, config)
if get_url:
logger.debug('Openning console with awsume\'d credentials')
url = get_console_url(credentials, service)
if config.get('console', {}).get('ext_container'):
url = 'ext+container:name=%s&url=' % arguments.target_profile_name + urllib.parse.quote_plus(
url)
logger.debug('URL: {}'.format(url))
if print_url:
safe_print(url)
elif open_browser:
try:
open_url(config, arguments, url)
except Exception as e:
safe_print('Cannot open browser: {}'.format(e))
safe_print('Here is the link: {}'.format(url))
def open_url(config: dict, arguments: argparse.ArgumentParser, url: str):
if config.get('console', {}).get('browser_command'):
logger.debug('Using custom browser command')
browser_command = config['console']['browser_command']
logger.debug('browser_command: {}'.format(browser_command))
command = browser_command.format(
url=url,
profile=arguments.target_profile_name,
)
logger.debug('Command: {}'.format(command))
with open(os.devnull, 'w') as f:
subprocess.Popen(command,
stdout=f,
stderr=f,
shell=True,
preexec_fn=os.setpgrp)
else:
webbrowser.open(url)
def get_console_url(credentials: dict = None, destination: str = None):
amazon_domain = 'amazonaws-us-gov' if 'gov' in str(
credentials.get('Region')) else 'aws.amazon'
logger.debug('Amazon domain: %s', amazon_domain)
credentials = credentials if credentials is not None else {}
logger.debug('Credentials: {}'.format(
json.dumps(credentials, default=str, indent=2)))
params = {
'Action': 'getSigninToken',
'Session': {
'sessionId': credentials.get('AccessKeyId'),
'sessionKey': credentials.get('SecretAccessKey'),
'sessionToken': credentials.get('SessionToken'),
},
}
logger.debug('Get console url request params: {}'.format(
json.dumps(params, default=str, indent=2)))
request_url = 'https://signin.' + amazon_domain + '.com/federation?'
response = URLOPEN(request_url + URLENCODE(params))
raw = response.read()
try:
token = json.loads(raw)['SigninToken']
except getattr(json.decoder, 'JSONDecoderError', ValueError):
token = json.loads(raw.decode())['SigninToken']
logger.debug('Signin token: {}'.format(token))
region = credentials.get('Region') or 'us-east-1'
logger.debug('Region: {}'.format(region))
params = {
'Action':
'login',
'Issuer':
'',
'Destination':
templatae_url(destination, region=region)
if is_url(destination) else 'https://console.' + amazon_domain +
'.com/' + destination + '/home?region=' + region,
'SigninToken':
token
}
logger.debug('URL params: {}'.format(
json.dumps(params, default=str, indent=2)))
url = 'https://signin.' + amazon_domain + '.com/federation?'
url += URLENCODE(params)
return url