I'm trying to build a golang cli tool for my company and as part of that build login and some other features into the tool. For the life of me I can't figure out how AWS is able to open a browser window and wait for a few button clicks before proceeding from the CLI.
https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_StartDeviceAuthorization.html
Here's the CLI command I input
aws sso login --profile login
Attempting to automatically open the SSO authorization page in your default browser.
If the browser does not open or you wish to use a different device to authorize this request, open the following URL:
https://device.sso.us-east-1.amazonaws.com/
Then enter the code:
abcd-efgh
Successfully logged into Start URL: https://d-1421421423.awsapps.com/start
Here's the Python docs as well for start device auth and create token
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/sso-oidc/client/start_device_authorization.html https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/sso-oidc/client/create_token.html
One option that I just threw together that seems to be working is a loop that just checks every second
for attempts <= 30 {
fmt.Println(attempts)
token, err := idc.CreateToken(context.TODO(), &createTokenInput)
if err != nil {
// if debug is enabled show error
log.Debug(err.Error())
attempts++
// wait 1 second
time.Sleep(1 * time.Second)
} else {
response = *token
break
}
}
Edit:
After running AWS sso login —debug
I noticed that the logs are actually looping and running the createToken query over and over, so AWS is doing something similar to the above.