Add comments to usage of tokenCodeFn for clarity

Author: mansurpasha

src/services/awsCredentials.js

@@ -3,13 +3,20 @@ import AWS from "aws-sdk";
 import { promptMfaModal } from "../modals";
 
 function getAWSCredentials(profile, program, screen) {
-  let codeFn;
+  // Define tokenCodeFn for SharedIniFileCredentials:
+  // Arguments:
+  //  serial - mfa device serial, not used as code is supplied manually
+  //  callback - callback function which takes (err, token) as arguments. Here err isn't used as token is entered manually
+  let mfaCodeFn;
   if (program.mfa) {
-    codeFn = (serial, callback) => callback(null, program.mfa);
+    // If mfa token defined in cli options, supply to callback and run immediately
+    mfaCodeFn = (serial, callback) => callback(null, program.mfa);
   } else if (screen) {
-    codeFn = (serial, callback) => promptMfaModal(callback, screen);
+    // promptMfaModal allows user to enter token on screen, and runs callback on entry
+    mfaCodeFn = (serial, callback) => promptMfaModal(callback, screen);
   } else {
-    codeFn = () =>
+    // If using Guardian and --mfa not supplied
+    mfaCodeFn = () =>
       console.error(
         "In-tool mfa authentication isn't supported for guardian. Please provide your mfa token via the --mfa option"
       );
@@ -19,7 +26,7 @@ function getAWSCredentials(profile, program, screen) {
     process.env.AWS_SDK_LOAD_CONFIG = 1;
     return new AWS.SharedIniFileCredentials({
       profile,
-      tokenCodeFn: codeFn,
+      tokenCodeFn: mfaCodeFn,
       callback: (err) => {
         if (err) {
           console.error(`SharedIniFileCreds Error: ${err}`);
@@ -37,7 +44,7 @@ function getAWSCredentials(profile, program, screen) {
   if (process.env.AWS_PROFILE) {
     return new AWS.SharedIniFileCredentials({
       profile: process.env.AWS_PROFILE,
-      tokenCodeFn: codeFn,
+      tokenCodeFn: mfaCodeFn,
       callback: (err) => {
         if (err) {
           console.error(`SharedIniFileCreds Error: ${err}`);