in cmd/saml2alibabacloud/commands/exec.go [17:69]
func Exec(execFlags *flags.LoginExecFlags, cmdline []string) error {
if len(cmdline) < 1 {
return fmt.Errorf("Command to execute required")
}
account, err := buildIdpAccount(execFlags)
if err != nil {
return errors.Wrap(err, "error building login details")
}
sharedCreds := alibabacloudconfig.NewSharedCredentials(account.Profile)
// this checks if the credentials file has been created yet
// can only really be triggered if saml2alibabacloud exec is run on a new
// system prior to creating $HOME/.aliyun
exist, err := sharedCreds.CredsExists()
if err != nil {
return errors.Wrap(err, "error loading credentials")
}
if !exist {
log.Println("unable to load credentials, login required to create them")
return nil
}
alibabacloudCreds, err := sharedCreds.Load()
if err != nil {
return errors.Wrap(err, "error loading credentials")
}
ok, err := checkToken(alibabacloudCreds)
if err != nil {
return errors.Wrap(err, "error validating token")
}
if !ok {
err = Login(execFlags)
}
if err != nil {
return errors.Wrap(err, "error logging in")
}
if execFlags.ExecProfile != "" {
// Assume the desired role before generating env vars
alibabacloudCreds, err = assumeRoleWithProfile(alibabacloudCreds, execFlags.ExecProfile, execFlags.CommonFlags.SessionDuration)
if err != nil {
return errors.Wrap(err,
fmt.Sprintf("error acquiring credentials for profile: %s", execFlags.ExecProfile))
}
}
return shell.ExecShellCmd(cmdline, shell.BuildEnvVars(alibabacloudCreds, account, execFlags))
}