Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for sso-session credentials #2812

Merged
merged 1 commit into from
Nov 15, 2022
Merged

Add support for sso-session credentials #2812

merged 1 commit into from
Nov 15, 2022

Conversation

nateprewitt
Copy link
Contributor

This PR will add support for loading credentials via a configured sso-session in your AWS config file.

@codecov-commenter
Copy link

codecov-commenter commented Nov 15, 2022
edited
Loading

Codecov Report

Base: 93.45% // Head: 93.45% // Increases project coverage by +0.00% 🎉

Coverage data is based on head (694165a) compared to base (0e52189).
Patch coverage: 98.90% of modified lines in pull request are covered.

Additional details and impacted files 
@@           Coverage Diff            @@
##           develop    #2812   +/-   ##
========================================
  Coverage    93.45%   93.45%           
========================================
  Files           63       63           
  Lines        13298    13337   +39     
========================================
+ Hits         12427    12464   +37     
- Misses         871      873    +2
Impacted Files Coverage Δ
botocore/utils.py 78.92% <97.87%> (+0.45%) ⬆️
botocore/credentials.py 98.64% <100.00%> (-0.02%) ⬇️
botocore/tokens.py 87.50% <100.00%> (+1.08%) ⬆️
botocore/httpsession.py 91.43% <0.00%> (-0.39%) ⬇️
botocore/client.py 97.83% <0.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

@nateprewitt nateprewitt force-pushed the sso_tokens branch 2 times, most recently from 79fb260 to 020cd4c Compare November 15, 2022 15:57
kyleknap
kyleknap reviewed Nov 15, 2022
View reviewed changes
Copy link
Contributor

@kyleknap kyleknap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks fine. Just had comments on the tests.

tests/functional/test_credentials.py
with open(self.config_file, 'w') as f:
f.write(config)

def test_token_chosen_from_provider(self):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be great if we added test cases for some of the error cases such as:

  1. Mismatching start url and sso region
  2. SSO session not being defined

I'm also wondering if we should add a case for having an expired SSO token in the cache and needing the token provider to refresh first. However, I'm not sure how straightforward that will be to add. Thoughts?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The first two are super reasonable, I attempted the last one earlier but the MockCache gets very complicated to do this without the ability to change inputs.

kyleknap
kyleknap approved these changes Nov 15, 2022
View reviewed changes
Copy link
Contributor

@kyleknap kyleknap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good 🚢

@nateprewitt nateprewitt merged commit 5958cc8 into boto:develop Nov 15, 2022
@nateprewitt nateprewitt deleted the sso_tokens branch November 15, 2022 18:54
aws-sdk-python-automation added a commit that referenced this pull request Nov 15, 2022
@aws-sdk-python-automation
Merge branch 'release-1.29.10'
25294c1 
* release-1.29.10:
  Bumping version to 1.29.10
  Update to latest partitions and endpoints
  Update to latest models
  Add support for loading sso-session credentials (#2812)
  fixes missing x-amz-content-sha256 header for s3 on outpost (#2811)
kyleknap added a commit to kyleknap/aws-cli that referenced this pull request Nov 16, 2022
@kyleknap
Port SSO credential provider updates
7ba7b5f 
The updates allow using sso-session configuration as part of
the SSO credential provider. This was ported from this PR:
boto/botocore#2812
kyleknap added a commit to kyleknap/aws-cli that referenced this pull request Nov 16, 2022
@kyleknap
Port SSO credential provider updates
0ca979c 
The updates allow using sso-session configuration as part of
the SSO credential provider. This was ported from this PR:
boto/botocore#2812
@kyleknap kyleknap mentioned this pull request Nov 16, 2022
Merged
@palaniswamy palaniswamy mentioned this pull request Dec 9, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kyleknap kyleknap kyleknap approved these changes

@jonemo jonemo jonemo approved these changes

@dlm6693 dlm6693 Awaiting requested review from dlm6693

@jonathan343 jonathan343 Awaiting requested review from jonathan343

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nateprewitt @codecov-commenter @jonemo @kyleknap