support sso credentials with profile in section name

ex-aws · Sep 10, 2024 · fe1700e · fe1700e
1 parent c0b431f
commit fe1700e
Show file tree

Hide file tree

Showing 2 changed files with 57 additions and 0 deletions.
diff --git a/lib/ex_aws/credentials_ini/file.ex b/lib/ex_aws/credentials_ini/file.ex
@@ -234,6 +234,10 @@ if Code.ensure_loaded?(ConfigParser) do
           merge_special_keys(full, config)
           |> strip_key_prefix()
 
+        {:ok, %{("profile " <> ^profile_name) => config} = full} ->
+          merge_special_keys(full, config)
+          |> strip_key_prefix()
+
         {:ok, %{}} ->
           %{}
 

diff --git a/test/ex_aws/credentials_ini/file_test.exs b/test/ex_aws/credentials_ini/file_test.exs
@@ -60,6 +60,29 @@ defmodule ExAws.CredentialsIni.File.FileTest do
     assert config.sso_role_name == "SomeRole"
   end
 
+  test "config file is parsed with non-default sso config profile that uses sso_session" do
+    example_config = """
+    [sso-session somecompany]
+    sso_start_url = https://start.us-gov-home.awsapps.com/directory/somecompany
+    sso_region = us-gov-west-1
+
+    [profile somecompany]
+    sso_session = somecompany
+    sso_account_id = 123456789101
+    sso_role_name = SomeRole
+    region = us-gov-west-1
+    output = json
+    """
+
+    config = ExAws.CredentialsIni.File.parse_ini_file({:ok, example_config}, "somecompany")
+
+    assert config.sso_session == "somecompany"
+    assert config.sso_start_url == "https://start.us-gov-home.awsapps.com/directory/somecompany"
+    assert config.sso_region == "us-gov-west-1"
+    assert config.sso_account_id == "123456789101"
+    assert config.sso_role_name == "SomeRole"
+  end
+
   test "{:system} in profile name gets dynamic profile name" do
     System.put_env("AWS_PROFILE", "custom-profile")
 
@@ -79,6 +102,36 @@ defmodule ExAws.CredentialsIni.File.FileTest do
     assert credentials.security_token == "TESTTOKEN"
   end
 
+  test "{:system} in profile name gets dynamic profile name using sso config" do
+    System.put_env("AWS_PROFILE", "custom-profile")
+
+    example_credentials = """
+    [sso-session somecompany]
+    sso_start_url = https://start.us-gov-home.awsapps.com/directory/somecompany
+    sso_region = us-gov-west-1
+
+    [profile custom-profile]
+    sso_session = somecompany
+    sso_account_id = 123456789101
+    sso_role_name = SomeRole
+    region = us-gov-west-1
+    output = json
+    """
+
+    credentials =
+      ExAws.CredentialsIni.File.parse_ini_file({:ok, example_credentials}, :system)
+      |> ExAws.CredentialsIni.File.replace_token_key()
+
+    assert credentials.sso_session == "somecompany"
+
+    assert credentials.sso_start_url ==
+             "https://start.us-gov-home.awsapps.com/directory/somecompany"
+
+    assert credentials.sso_region == "us-gov-west-1"
+    assert credentials.sso_account_id == "123456789101"
+    assert credentials.sso_role_name == "SomeRole"
+  end
+
   test "config file is parsed" do
     example_config = """
     [default]