Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trailing # in sso_start_url stripped when parsing shared config files #2369

Closed
gdavison opened this issue Nov 16, 2023 · 1 comment · Fixed by #2371
Closed

Trailing # in sso_start_url stripped when parsing shared config files #2369

gdavison opened this issue Nov 16, 2023 · 1 comment · Fixed by #2371
Labels
bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. p1 This is a high priority issue

Comments

@gdavison
Copy link
Contributor

Describe the bug

The SSO Start URLs generated by IAM Identity Center include a trailing #, for example https://d-123456789a.awsapps.com/start#. This trailing # is stripped by the parser for shared configuration files.

When used with legacy non-refreshable credentials (https://docs.aws.amazon.com/cli/latest/userguide/sso-configure-profile-legacy.html), the SSO Start URL is used to generate the token file name (

aws-sdk-go-v2/credentials/ssocreds/sso_credentials_provider.go

Line 98 in 435199f

cachedTokenFilepath, err := StandardCachedTokenFilepath(p.options.StartURL)
). Because the # is stripped, the file names are different.

Expected Behavior

I would be able to successfully authenticate with a legacy SSO configuration

Current Behavior

I am not able to authenticate, and get an error which contains

failed to refresh cached credentials, the SSO session has expired or is invalid: failed to read cached SSO token file

Reproduction Steps

Add the following files to internal/ini/testdata/valid

start_url

[ default ]
sso_start_url = https://d-123456789a.awsapps.com/start#

start_url_expected

{
    "default": {
        "sso_start_url": "https://d-123456789a.awsapps.com/start#"
    }
}

Run the acceptance test TestValidDataFiles

The result is

=== RUN   TestValidDataFiles
    /Users/gdavison/developer/aws-sdk-go-v2/internal/ini/ini_test.go:75: testdata/valid/start_url: expected https://d-123456789a.awsapps.com/start#, but received https://d-123456789a.awsapps.com/start for profile default
--- FAIL: TestValidDataFiles (0.00s)
FAIL

Possible Solution

No response

Additional Information/Context

No response

AWS Go SDK V2 Module Versions Used

github.com/aws/aws-sdk-go-v2/internal/ini v1.7.0

Compiler and Version used

go version go1.21.0 darwin/arm64

Operating System and version

macOS 13.4.1
@gdavison gdavison added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Nov 16, 2023
This was referenced Nov 16, 2023
Closed
Merged
This was referenced Nov 16, 2023
Closed
Merged
@lucix-aws lucix-aws linked a pull request Nov 16, 2023 that will close this issue
fix trailing comment parse in properties #2371
Merged
@lucix-aws lucix-aws added the p1 This is a high priority issue label Nov 16, 2023
@lucix-aws lucix-aws mentioned this issue Nov 16, 2023
Merged
@github-actions GitHub Actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

@lucix-aws lucix-aws mentioned this issue Nov 16, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. p1 This is a high priority issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix trailing comment parse in properties aws/aws-sdk-go-v2
2 participants
@gdavison @lucix-aws