ayubmalik revised this gist
Mar 28, 2023 . 1 changed file with 1 addition and 1 deletion.
@@ -22,7 +22,7 @@ import ( func main() { var ( startURL string = "https://CHANGEME.awsapps.com/start" region = "eu-west-2" ) cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithDefaultRegion(region))
ayubmalik revised this gist
Mar 27, 2023 . 1 changed file with 1 addition and 1 deletion.
@@ -15,7 +15,7 @@ import ( // This gist shows how to log into AWS SSO only using AWS SDK for Go. // It will launch a browser as if you had typed `aws sso login` on the command line. // If successful will print the list of accounts you have access to. // Change the startURL and region below to your AWS SSO start url and default // region accordingly.
ayubmalik revised this gist
Mar 27, 2023 . No changes.
ayubmalik revised this gist
Mar 27, 2023 . 1 changed file with 6 additions and 1 deletion.
@@ -13,7 +13,12 @@ import ( "github.com/pkg/browser" ) // This gist shows how to log into AWS SSO only using AWS SDK for Go. // It will launch a browser as if you had typed `aws sso login` on the command line. // Just an example of how to login using AWS SDK API rather than la // Change the startURL and region below to your AWS SSO start url and default // region accordingly. func main() { var ( startURL string = "https://CHANGEME.awsapps.com/start"
ayubmalik created this gist
Mar 27, 2023 .
@@ -0,0 +1,97 @@ package main import ( "context" "log" "strings" "time" "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/service/sso" "github.com/aws/aws-sdk-go-v2/service/ssooidc" "github.com/pkg/browser" ) // Change the startURL and region below to your AWS SSO start url and defaul region accordingly. func main() { var ( startURL string = "https://CHANGEME.awsapps.com/start" region = "eu-east-2" ) cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithDefaultRegion(region)) if err != nil { log.Fatalf("%v", err) } // create SSO oidcClient client to trigger login flow oidcClient := ssooidc.NewFromConfig(cfg) // register your client which is triggering the login flow register, err := oidcClient.RegisterClient(context.TODO(), &ssooidc.RegisterClientInput{ ClientName: aws.String("sso-cli-client"), ClientType: aws.String("public"), }) if err != nil { log.Fatal(err) } // authorize your device using the client registration response deviceAuth, err := oidcClient.StartDeviceAuthorization(context.TODO(), &ssooidc.StartDeviceAuthorizationInput{ ClientId: register.ClientId, ClientSecret: register.ClientSecret, StartUrl: aws.String(startURL), }) if err != nil { log.Fatal(err) } url := aws.ToString(deviceAuth.VerificationUriComplete) log.Printf("If your browser is not opened automatically, please open link:\n%v\n", url) err = browser.OpenURL(url) if err != nil { log.Fatal(err) } var token *ssooidc.CreateTokenOutput approved := false // poll the client until it has finished authorization. 
for !approved { t, err := oidcClient.CreateToken(context.TODO(), &ssooidc.CreateTokenInput{ ClientId: register.ClientId, ClientSecret: register.ClientSecret, DeviceCode: deviceAuth.DeviceCode, GrantType: aws.String("urn:ietf:params:oauth:grant-type:device_code"), }) if err != nil { isPending := strings.Contains(err.Error(), "AuthorizationPendingException:") if isPending { log.Println("Authorization pending...") time.Sleep(time.Duration(deviceAuth.Interval) * time.Second) continue } } approved = true token = t } ssoClient := sso.NewFromConfig(cfg) log.Println("Fetching list of accounts for this user") accountPaginator := sso.NewListAccountsPaginator(ssoClient, &sso.ListAccountsInput{ AccessToken: token.AccessToken, }) for accountPaginator.HasMorePages() { x, err := accountPaginator.NextPage(context.TODO()) if err != nil { log.Fatal(err) } for _, y := range x.AccountList { log.Println("-------------------------------------------------------") log.Printf("Account ID: %v Name: %v Email: %v\n", aws.ToString(y.AccountId), aws.ToString(y.AccountName), aws.ToString(y.EmailAddress)) } } }
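Review bot: The polling loop fails open: any `CreateToken` error other than the pending one falls through to `approved = true` and `token = t`, so a denied, expired or throttled request is treated as a completed login and the later `token.AccessToken` dereferences a nil pointer. Fail closed by ending the `if err != nil` branch with `log.Fatal(err)` after the `isPending` check. Matching on the text of `err.Error()` is brittle; `errors.As` against the ssooidc `types.AuthorizationPendingException` would be sturdier, though it needs the `errors` and `ssooidc/types` imports. Every call also uses `context.TODO()`, so nothing bounds the wait; a deadline derived from `deviceAuth.ExpiresIn` would keep the loop from outliving the device code.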