cli

0

Golang app to authenticate with AWS Cognito Pool

Posted on by rafpe

Since started to work with AWS I sometimes hit the same problems more than one time 😉 One of those happen was when working with AWS Cognito – just needed to authenticate and get token – or just verify the user 😉 using command line.  I honestly did not want to be bothered with any complexity to get simple tokens which I planned to use in accessing other systems etc.

For this purposes I have created simple CLI ( right now with just 2 methods ) to help me out in those situations.  Usage is extremely simple you just need to have your AWS profile configured and have details of your AppClient from your user pool.

Authenticate

> [SHELL] RafPe $ go-cognito-authy --profile cloudy --region eu-central-1 auth --username rafpe --password 'Password.0ne!'  --clientID 2jxxxiuui123
{
AuthenticationResult: {
    AccessToken: "eyJraWQiOiJ0QXVBNmxtNngrYkxoSmZ",
    ExpiresIn: 3600,
    IdToken: "eyJraWQiOiJ0bHF2UElTV0pn",
    RefreshToken: "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R-TpkR_uompG7fyajYeFvn-rJVC_tDO4pB3",
    TokenType: "Bearer"
},
ChallengeParameters: {}
}

which in return should give you response with tokens needed further in your adventures with AWS…. but if you would have user in state that a password needs to be changed 😉 ….

> [INSERT] RafPe $ go-cognito-authy --profile cloudy --region eu-central-1 auth --username rafpe --password 'Password.0ne!'  --clientID 2jxxxiuui123
{
ChallengeName: "NEW_PASSWORD_REQUIRED",
ChallengeParameters: {
    requiredAttributes: "[]",
    userAttributes: "{\"email_verified\":\"true\",\"email\":\"[email protected]\"}",
    USER_ID_FOR_SRP: "rafpe"
},
Session: "bCqSkLeoJR_ys...."
}

 

Administratively set new pass

With the session above and known challenge for new pass you can use it to set desired password

> [INSERT] RafPe $ go-cognito-authy --profile cloudy -region eu-central-1 admin reset-pass --username rafpe --pass-new 'Password.0ne2!' --clientID 2jxxxiuui123 --userPoolID  eu-central-1_CWNnTiR0j --session "bCqSkLeoJR_ys...."

and voilla 😉 we can now continue playing with tokens

 

 

Patches welcome

The whole solution is available on Github https://github.com/RafPe/go-cognito-authy/tree/master  and if you are missing something please create a PR 😉

1

Automating Akamai – Network lists with CLI and API

Posted on by rafpe

Hi,

This most likely can be first of several posts on tools and approach taken to automate tasks in Akamai. Before we look into specific toolset lets peak what is Akamai’s vision on automation

 

From what I have seen some of the features do work nicely and some of them are still in beta or alpha. We will be focusing on Akamai CLI and extending it with plugin to manage network lists. 

Akamai CLI is a tool which allows us to write plugin in most of common languages ( for me it will be Golang ) and then use it from console. Since the tool is well documented I will skip introducing it and send you off to documentation 

 

Choosing your client

Before you go ahead and write your own plugin you should decide on which client to choose ( or write your own ) which will take over communication with Akamai’s API.

For Golang Akamai have client which you can get here – however inspired by colleague of mine who wrote go-gitlab ( and not only ) I decided to make client a bit more robust and organised and came up ( as we engineers usually do 🙂 ) with alternative version.

This client can be found under https://github.com/RafPe/go-edgegrid

 

Akamai-CLI Network Lists

We start off by installing the plugin into Akamai’s CLI toolkit by running

akamai install https://github.com/RafPe/akamai-cli-netlist

which in return shows us the output similar to

 

From this point onwards we can use of all benefits of our new plugin. Just to give it a spin I will try explore just getting the lists …

Getting all network lists

 

Getting one list with all elements

 

Want more ?….

Rest of them is well documented in repository page under https://github.com/RafPe/akamai-cli-netlist  and from there I encourage you to explore the options you have for automation and let me know in comments did it work for you 🙂

 

 

More community extension

My extension is now not the only one recently created – below is the list of other ones which you can make use of already

Akamai CLI for Netstorage https://github.com/partamonov/akamai-cli-netstorage
Akamai CLI for Siteshield https://github.com/partamonov/akamai-cli-siteshield
Akamai CLI for Firewall Rules Notifications https://github.com/partamonov/akamai-cli-frn