blob: 77c2320c5632451c429946c99d548f1fee01b1dd (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
#!/bin/bash
set -eufo pipefail
export SHELLOPTS
IFS=$'\t\n'
if [[ -z "${AWS_ACCESS_KEY_ID:-}" ]] ||
[[ -z "${AWS_SECRET_ACCESS_KEY:-}" ]] ||
[[ -z "${AWS_SESSION_TOKEN:-}" ]]; then
echo "AWS_ required variables not set"
exit 1
fi
command -v curl >/dev/null 2>&1 || { echo "curl is not installed!"; exit 1; }
command -v jq >/dev/null 2>&1 || { echo "jq is not installed!"; exit 1; }
credentials='{"sessionId":"'"${AWS_ACCESS_KEY_ID}"'","sessionKey":"'"${AWS_SECRET_ACCESS_KEY}"'","sessionToken":"'"${AWS_SESSION_TOKEN}"'"}'
uc="${credentials//'%'/%25}"; uc="${uc//'"'/%22}"; uc="${uc//','/%2C}"
uc="${uc//'/'/%2F}"; uc="${uc//':'/%3A}"; uc="${uc//'='/%3D}"
uc="${uc//'{'/%7B}"; uc="${uc//'}'/%7D}"; uc="${uc//'+'/%2B}"
federation_url="https://signin.aws.amazon.com/federation"
federation_url="${federation_url}?Action=getSigninToken"
federation_url="${federation_url}&SessionDuration=3600"
federation_url="${federation_url}&Session=$(printf %s "$uc")"
token=$(curl -s "${federation_url}" | jq -r '.SigninToken' 2>/dev/null) ||
{ echo "invalid or expired credentials"; exit 1; }
console_url="https://signin.aws.amazon.com/federation"
console_url="${console_url}?Destination=https%3A%2F%2Fconsole.aws.amazon.com%2F"
console_url="${console_url}&SigninToken=${token}"
console_url="${console_url}&Issuer=https%3A%2F%2Fexample.com"
console_url="${console_url}&Action=login"
open "${console_url}"
|