Skip to content

Commit 8cd4861

Browse files
thoward-godaddythoward-godaddy
authored
Merge pull request #74 from mverkerk-godaddy/add-expiration-to-output
adding credential expiration to output
2 parents 86b630e + 206fa28 commit 8cd4861

File tree

3 files changed

+28
-16
lines changed

3 files changed

+28
-16
lines changed

aws_okta_processor/commands/authenticate.py

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -48,21 +48,24 @@
4848
UNIX_EXPORT_STRING = (
4949
"export AWS_ACCESS_KEY_ID='{}' && "
5050
"export AWS_SECRET_ACCESS_KEY='{}' && "
51-
"export AWS_SESSION_TOKEN='{}'"
51+
"export AWS_SESSION_TOKEN='{}' && "
52+
"export AWS_CREDENTIAL_EXPIRATION='{}'"
5253
)
5354

5455
# Template for Fish shell
5556
UNIX_FISH_EXPORT_STRING = (
5657
"set --export AWS_ACCESS_KEY_ID '{}'; and "
5758
"set --export AWS_SECRET_ACCESS_KEY '{}'; and "
58-
"set --export AWS_SESSION_TOKEN '{}';"
59+
"set --export AWS_SESSION_TOKEN '{}'; and "
60+
"set --export AWS_CREDENTIAL_EXPIRATION '{}';"
5961
)
6062

6163
# Template for Windows PowerShell
6264
NT_EXPORT_STRING = (
6365
"$env:AWS_ACCESS_KEY_ID='{}'; "
6466
"$env:AWS_SECRET_ACCESS_KEY='{}'; "
65-
"$env:AWS_SESSION_TOKEN='{}'"
67+
"$env:AWS_SESSION_TOKEN='{}'; "
68+
"$env:AWS_CREDENTIAL_EXPIRATION='{}'"
6669
)
6770

6871
# Map command-line options to environment variable names.
@@ -163,6 +166,7 @@ def nt_output(self, credentials):
163166
credentials["AccessKeyId"],
164167
credentials["SecretAccessKey"],
165168
credentials["SessionToken"],
169+
credentials["Expiration"]
166170
)
167171

168172
def unix_output(self, credentials):
@@ -188,6 +192,7 @@ def unix_output(self, credentials):
188192
credentials["AccessKeyId"],
189193
credentials["SecretAccessKey"],
190194
credentials["SessionToken"],
195+
credentials["Expiration"]
191196
)
192197

193198
def get_pass(self):

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[tool.poetry]
22
name = "aws-okta-processor"
3-
version = "1.9.3"
3+
version = "1.10.0"
44
description = "Resource for fetching AWS Role credentials from Okta"
55
authors = ["Cloud Platform Solutions <[email protected]>"]
66
readme = "README.rst"

tests/commands/test_authenticate.py

Lines changed: 19 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,8 @@
1010
CREDENTIALS = {
1111
"AccessKeyId": "access_key_id",
1212
"SecretAccessKey": "secret_access_key",
13-
"SessionToken": "session_token"
13+
"SessionToken": "session_token",
14+
"Expiration": "expiration"
1415
}
1516

1617

@@ -35,6 +36,7 @@ def test_run(self, mock_print):
3536
'{"AccessKeyId": "access_key_id", '
3637
'"SecretAccessKey": "secret_access_key", '
3738
'"SessionToken": "session_token", '
39+
'"Expiration": "expiration", '
3840
'"Version": 1}'
3941
)
4042

@@ -50,7 +52,8 @@ def test_run_nt(self, mock_print, mock_os):
5052
mock_print.assert_called_once_with(
5153
"$env:AWS_ACCESS_KEY_ID='access_key_id'; "
5254
"$env:AWS_SECRET_ACCESS_KEY='secret_access_key'; "
53-
"$env:AWS_SESSION_TOKEN='session_token'"
55+
"$env:AWS_SESSION_TOKEN='session_token'; "
56+
"$env:AWS_CREDENTIAL_EXPIRATION='expiration'"
5457
)
5558

5659
@patch("aws_okta_processor.commands.authenticate.os")
@@ -65,7 +68,8 @@ def test_run_linux(self, mock_print, mock_os):
6568
mock_print.assert_called_once_with(
6669
"export AWS_ACCESS_KEY_ID='access_key_id' && "
6770
"export AWS_SECRET_ACCESS_KEY='secret_access_key' && "
68-
"export AWS_SESSION_TOKEN='session_token'"
71+
"export AWS_SESSION_TOKEN='session_token' && "
72+
"export AWS_CREDENTIAL_EXPIRATION='expiration'"
6973
)
7074

7175
def test_get_configuration_env(self):
@@ -81,9 +85,10 @@ def test_output_export_command_with_fish_as_target_shell(self):
8185
self.OPTIONS["--target-shell"] = "fish"
8286
auth = Authenticate(self.OPTIONS)
8387
credentials = {
84-
"AccessKeyId": "XXXXX",
85-
"SecretAccessKey": "YYYYY",
86-
"SessionToken": "ZZZZZ"
88+
"AccessKeyId": "WWWWW",
89+
"SecretAccessKey": "XXXXX",
90+
"SessionToken": "YYYYY",
91+
"Expiration": "ZZZZZ"
8792
}
8893
self.assertNotIsInstance(
8994
auth.unix_output(credentials).index("set --export"),
@@ -95,9 +100,10 @@ def test_output_export_command_with_default_target_shell(self):
95100

96101
auth = Authenticate(self.OPTIONS)
97102
credentials = {
98-
"AccessKeyId": "XXXXX",
99-
"SecretAccessKey": "YYYYY",
100-
"SessionToken": "ZZZZZ"
103+
"AccessKeyId": "WWWWW",
104+
"SecretAccessKey": "XXXXX",
105+
"SessionToken": "YYYYY",
106+
"Expiration": "ZZZZZ"
101107
}
102108
self.assertNotIsInstance(
103109
auth.unix_output(credentials).index("export "),
@@ -113,9 +119,10 @@ def test_output_export_command_for_windows(self):
113119

114120
auth = Authenticate(self.OPTIONS)
115121
credentials = {
116-
"AccessKeyId": "XXXXX",
117-
"SecretAccessKey": "YYYYY",
118-
"SessionToken": "ZZZZZ"
122+
"AccessKeyId": "WWWWW",
123+
"SecretAccessKey": "XXXXX",
124+
"SessionToken": "YYYYY",
125+
"Expiration": "ZZZZZ"
119126
}
120127
self.assertNotIsInstance(
121128
auth.nt_output(credentials).index("$env:"),

0 commit comments

Comments
 (0)