Sourcing credentials via external Process - Browser not opening up #5506
Comments
kdaily
added
guidance
kdaily
added
bug
|
I am able to reproduce, marking as a bug. Thanks! |
|
I haven't taken a look at the logs but my hunch says it's likely the same issue as the one fixed here: #4964 |
|
Hi @joguSD, I think this is exactly what is happening to us. We have a custom credential process, and it's failing apparently because of this issue. It's a python 3 development that bootstraps a webserver and opens a webbrowser to receive credentials from our own IDP. The browser never opens. Unsetting To reproduce the problem easily just add this to the aws config file in a linux machine: Then run Obviously it will fail as not credentials would be provided, but the expected behaviour would be to open the browser, and it would not. Changing the config to: Would make the browser start opening. For me it's failing with both chrome and firefox. |
|
@joguSD ... I guess the issue is coming from here: https://github.com/boto/botocore/blob/develop/botocore/credentials.py#L974, I'm going to file an issue at botocore. |
|
@joguSD @alfonso-presa The issue is the same as for #4964 |
|
I see @kdaily mentioned this issue alongside the one I filed in #6416, but I thought it was worth adding a comment here, since you would probably have to fix it in at least two places. With external aliases, it's calling via python's subprocess directly in CLI related code (alias.py). The credential_process external call appears to come from botocore. |
|
Checking in — it looks like there have since been changes with how the path is handled. Both of these worked as expected when testing on Mac: Does this address the use case here? Linking related docs for reference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sourcing-external.html |
tim-finnigan
added
the
response-requested
|
Greetings! It looks like this issue hasn’t been active in longer than five days. We encourage you to check if this is still an issue in the latest release. In the absence of more information, we will be closing this issue soon. If you find that this is still a problem, please feel free to provide a comment or upvote with a reaction on the initial post to prevent automatic closure. If the issue is already closed, please feel free to open a new one. |
github-actions
bot
added
closing-soon
Confirm by changing [ ] to [x] below to ensure that it's a bug:
Describe the bug
I am using the feature to source credentials from third-party source using credential_process
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sourcing-external.html
I would like to occasionally open up the browser to authenticate the user with the command that I run
I am using CLI built with Node.js and https://github.com/sindresorhus/open to open up the browser.
This process works fine on AWS CLI v1 but fails in AWS CLI v2.
SDK version number
aws-cli/2.0.44 Python/3.7.3 Linux/4.14.192-147.314.amzn2.x86_64 exe/x86_64.amzn.2
Platform/OS/Hardware/Device
What are you running the cli on?
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: Amazon
Description: Amazon Linux release 2 (Karoo)
Release: 2
Codename: Karoo
To Reproduce (observed behavior)
Steps to reproduce the behavior
Install open CLI (https://github.com/sindresorhus/open-cli) globally
npm install --global open-cli
For a profile add the open-cli command to open up a browser
Expected behavior
The browser should open up
Logs/output
open-cli-v2.txt
open-cli-v1.txt
Additional context
The above will not generate the valid token but is an example for the browser not opening-up
Both logs have errors, but for AWS CLI v1 browser opens up.
Edit: This issue occurs only for Firefox browser
The text was updated successfully, but these errors were encountered: