-
Notifications
You must be signed in to change notification settings - Fork 18
/
awsudo.rb
executable file
·57 lines (49 loc) · 1.54 KB
/
awsudo.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
# Copyright (C) 2015-2017 Electronic Arts Inc. All rights reserved.
require 'io/console'
require 'json'
require 'logger'
require 'socket'
require 'uri'
# I'm the namespace for the awsudo library.
module AWSUDO
@logger = Logger.new(STDERR)
@logger.level = Logger::WARN
class << self
attr_accessor :logger
end
# Asks the aws-agent through socket_name to assume role_arn.
# It expects a JSON response with either an error message or
# AWS temporary keys.
def self.assume_role_with_agent(role_arn, socket_name)
logger.debug {"role_arn: <#{role_arn}>"}
logger.debug {"socket_name: <#{socket_name}>"}
keys = UNIXSocket.open(socket_name) do |client|
client.puts role_arn
response = client.gets
logger.debug {"response: <#{response}>"}
raise "Connection closed by peer" if response.nil?
JSON.parse(response.strip)
end
raise keys['error'] unless keys['error'].nil?
keys
end
# Asks the user interactively for username and password
def self.ask_for_credentials
fd = IO.sysopen("/dev/tty", "w")
console = IO.new(fd,"w")
console.print "Login: "
username = STDIN.gets.chomp
console.print "Password: "
password = STDIN.noecho(&:gets).chomp
console.print "\n"
IO.new(fd).close
[username, password]
end
# Retrieves awsudo's settings from filename
def self.load_config(filename)
config = Hash[*File.read(filename).scan(/^\s*(\w+)\s*=\s*(.*)\s*$/).flatten]
logger.debug { "config: <#{config.inspect}>" }
config
end
end
require 'awsudo/identity_providers'