implement custom templated launch for sso browser option

common-fate · Sep 18, 2024 · 857f31c · 857f31c
1 parent 46a8f33
commit 857f31c
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 2 deletions.
diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -42,6 +42,11 @@ type Config struct {
 	// and CustomBrowserPath fields.
 	AWSConsoleBrowserLaunchTemplate *BrowserLaunchTemplate `toml:",omitempty"`
 
+	// SOBrowserLaunchTemplate is an optional launch template to use
+	// for opening the SSO auth flow. If specified it overrides the DefaultBrowser
+	// and CustomSSOBrowserPath fields.
+	SSOBrowserLaunchTemplate *BrowserLaunchTemplate `toml:",omitempty"`
+
 	Keyring                *KeyringConfig `toml:",omitempty"`
 	Ordering               string
 	ExportCredentialSuffix string

diff --git a/pkg/granted/console.go b/pkg/granted/console.go
@@ -128,7 +128,7 @@ var ConsoleCommand = cli.Command{
 		}
 
 		if startErr != nil {
-			return clierr.New(fmt.Sprintf("Granted was unable to open a browser session automatically due to the following error: %s", err.Error()),
+			return clierr.New(fmt.Sprintf("Granted was unable to open a browser session automatically due to the following error: %s", startErr.Error()),
 				// allow them to try open the url manually
 				clierr.Info("You can open the browser session manually using the following url:"),
 				clierr.Info(consoleURL),

diff --git a/pkg/idclogin/run.go b/pkg/idclogin/run.go
@@ -2,13 +2,18 @@ package idclogin
 
 import (
 	"context"
+	"errors"
+	"fmt"
 	"os/exec"
 	"time"
 
 	"github.com/aws/aws-sdk-go-v2/aws"
 	"github.com/aws/aws-sdk-go-v2/service/ssooidc"
 	"github.com/common-fate/clio"
+	"github.com/common-fate/clio/clierr"
 	grantedConfig "github.com/common-fate/granted/pkg/config"
+	"github.com/common-fate/granted/pkg/forkprocess"
+	"github.com/common-fate/granted/pkg/launcher"
 	"github.com/common-fate/granted/pkg/securestorage"
 	"github.com/pkg/browser"
 )
@@ -54,7 +59,44 @@ func Login(ctx context.Context, cfg aws.Config, startUrl string, scopes []string
 		return nil, err
 	}
 
-	if config.CustomSSOBrowserPath != "" {
+	if config.SSOBrowserLaunchTemplate != nil {
+		l, err := launcher.CustomFromLaunchTemplate(config.SSOBrowserLaunchTemplate, []string{})
+		if err == launcher.ErrLaunchTemplateNotConfigured {
+			return nil, errors.New("error configuring custom browser, ensure that [SSOBrowserLaunchTemplate] is specified in your Granted config file")
+		}
+		if err != nil {
+			return nil, err
+		}
+
+		// now build the actual command to run - e.g. 'firefox --new-tab <URL>'
+		args, err := l.LaunchCommand(url, "")
+		if err != nil {
+			return nil, fmt.Errorf("error building browser launch command: %w", err)
+		}
+
+		var startErr error
+		if l.UseForkProcess() {
+			clio.Debugf("running command using forkprocess: %s", args)
+			cmd, err := forkprocess.New(args...)
+			if err != nil {
+				return nil, err
+			}
+			startErr = cmd.Start()
+		} else {
+			clio.Debugf("running command without forkprocess: %s", args)
+			cmd := exec.Command(args[0], args[1:]...)
+			startErr = cmd.Start()
+		}
+
+		if startErr != nil {
+			return nil, clierr.New(fmt.Sprintf("Granted was unable to open a browser session automatically due to the following error: %s", startErr.Error()),
+				// allow them to try open the url manually
+				clierr.Info("You can open the browser session manually using the following url:"),
+				clierr.Info(url),
+			)
+		}
+
+	} else if config.CustomSSOBrowserPath != "" {
 		cmd := exec.Command(config.CustomSSOBrowserPath, url)
 		err = cmd.Start()
 		if err != nil {