OIE authorization code flow implementation with classic authenticatio…

…n. SAML2 does not return an idx cookies.
dowjones · Nov 14, 2023 · 1506b8d · 1506b8d
1 parent d3e2e35
commit 1506b8d
Show file tree

Hide file tree

Showing 10 changed files with 702 additions and 199 deletions.
diff --git a/.gitignore b/.gitignore
@@ -91,7 +91,7 @@ venv/
 ENV/
 env.bak/
 venv.bak/
-.vscode
+.vscode/
 
 # Spyder project settings
 .spyderproject

diff --git a/tokendito/__init__.py b/tokendito/__init__.py
@@ -1,7 +1,8 @@
 # vim: set filetype=python ts=4 sw=4
 # -*- coding: utf-8 -*-
 """Tokendito module initialization."""
-__version__ = "2.1.3"
+
+__version__ = "2.3.0"
 __title__ = "tokendito"
 __description__ = "Get AWS STS tokens from Okta SSO"
 __long_description_content_type__ = "text/markdown"

diff --git a/tokendito/__main__.py b/tokendito/__main__.py
@@ -12,10 +12,10 @@ def main(args=None):  # needed for console script
 
         path = os.path.dirname(os.path.dirname(__file__))
         sys.path[0:0] = [path]
-    from tokendito.tool import cli
+    from tokendito.user import cmd_interface
 
     try:
-        return cli(args)
+        return cmd_interface(args)
     except KeyboardInterrupt:
         print("\nInterrupted")
         sys.exit(1)

diff --git a/tokendito/aws.py b/tokendito/aws.py
@@ -47,7 +47,7 @@ def get_output_types():
     return ["json", "text", "csv", "yaml", "yaml-stream"]
 
 
-def authenticate_to_roles(urls, cookies=None):
+def authenticate_to_roles(urls):
     """Authenticate AWS user with saml.
 
     :param urls: list of tuples or tuple, with tiles info
@@ -56,9 +56,6 @@ def authenticate_to_roles(urls, cookies=None):
     :return: response text
 
     """
-    if cookies:
-        HTTP_client.set_cookies(cookies)  # Set cookies if provided
-
     url_list = [urls] if isinstance(urls, tuple) else urls
     responses = []
     tile_count = len(url_list)

diff --git a/tokendito/config.py b/tokendito/config.py
@@ -45,6 +45,7 @@ class Config(object):
             password="",
             mfa=None,
             mfa_response=None,
+            client_id=None,
             tile=None,
             org=None,
         ),

diff --git a/tokendito/http_client.py b/tokendito/http_client.py
@@ -25,13 +25,16 @@ def set_cookies(self, cookies):
         """Update session with additional cookies."""
         self.session.cookies.update(cookies)
 
-    def get(self, url, params=None, headers=None):
+    def get(self, url, params=None, headers=None, allow_redirects=True):
         """Perform a GET request."""
         response = None
         try:
+            logger.debug(f"GET to {url}")
             logger.debug(f"Sending cookies: {self.session.cookies}")
             logger.debug(f"Sending headers: {self.session.headers}")
-            response = self.session.get(url, params=params, headers=headers)
+            response = self.session.get(
+                url, params=params, headers=headers, allow_redirects=allow_redirects
+            )
             response.raise_for_status()
             logger.debug(f"Received response from {url}: {response.text}")
             return response
@@ -50,6 +53,7 @@ def get(self, url, params=None, headers=None):
 
     def post(self, url, data=None, json=None, headers=None, return_json=False):
         """Perform a POST request."""
+        logger.debug(f"POST to {url}")
         try:
             response = self.session.post(url, data=data, json=json, headers=headers)
             response.raise_for_status()