From f1867160fdc77633933e11d87309b2d0eaa72e86 Mon Sep 17 00:00:00 2001
From: Dan <2939173+punmechanic@users.noreply.github.com>
Date: Thu, 11 Jan 2024 13:45:11 -0800
Subject: [PATCH] UX improvements (#103)

* Cache the most recently used account with get

* Bump TTL to 8 hours
---
 cli/config.go |  9 +++++----
 cli/consts.go |  2 +-
 cli/get.go    | 22 ++++++++++++++++------
 3 files changed, 22 insertions(+), 11 deletions(-)

diff --git a/cli/config.go b/cli/config.go
index 57fcc5a3..c2408d6e 100644
--- a/cli/config.go
+++ b/cli/config.go
@@ -197,10 +197,11 @@ func (a accountSet) WriteTable(w io.Writer, withHeaders bool) {
 
 // Config stores all information related to the user
 type Config struct {
-	Accounts      *accountSet `json:"accounts"`
-	TTL           uint        `json:"ttl"`
-	TimeRemaining uint        `json:"time_remaining"`
-	Tokens        *TokenSet   `json:"tokens"`
+	Accounts        *accountSet `json:"accounts"`
+	TTL             uint        `json:"ttl"`
+	TimeRemaining   uint        `json:"time_remaining"`
+	Tokens          *TokenSet   `json:"tokens"`
+	LastUsedAccount *string     `json:"last_used_account"`
 }
 
 func (c Config) GetOAuthToken() (*TokenSet, bool) {
diff --git a/cli/consts.go b/cli/consts.go
index 7dfd8e32..4866d86f 100644
--- a/cli/consts.go
+++ b/cli/consts.go
@@ -12,7 +12,7 @@ var (
 
 const (
 	// DefaultTTL for requested credentials in hours
-	DefaultTTL uint = 1
+	DefaultTTL uint = 8
 	// DefaultTimeRemaining for new key requests in minutes
 	DefaultTimeRemaining  uint   = 5
 	LinuxAmd64BinaryName  string = "keyconjurer-linux-amd64"
diff --git a/cli/get.go b/cli/get.go
index c59231a4..b88c128d 100644
--- a/cli/get.go
+++ b/cli/get.go
@@ -67,7 +67,6 @@ var getCmd = &cobra.Command{
 	Long: `Retrieves temporary cloud API credentials for the specified account.  It sends a push request to the first Duo device it finds associated with your account.
 
 A role must be specified when using this command through the --role flag. You may list the roles you can assume through the roles command.`,
-	Args: cobra.ExactArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
 		config := ConfigFromCommand(cmd)
 		ctx := cmd.Context()
@@ -101,10 +100,20 @@ A role must be specified when using this command through the --role flag. You ma
 			ttl = 8
 		}
 
+		var accountID string
+		if len(args) > 0 {
+			accountID = args[0]
+		} else if config.LastUsedAccount != nil {
+			// No account specified. Can we use the most recent one?
+			accountID = *config.LastUsedAccount
+		} else {
+			return cmd.Usage()
+		}
+
 		bypassCache, _ := cmd.Flags().GetBool(FlagBypassCache)
-		account, ok := resolveApplicationInfo(config, bypassCache, args[0])
+		account, ok := resolveApplicationInfo(config, bypassCache, accountID)
 		if !ok {
-			cmd.PrintErrf("%q is not a known account name in your account cache. Your cache can be refreshed by entering executing `keyconjurer accounts`. If the value provided is an Okta application ID, you may provide %s as an option to this command and try again.", args[0], FlagBypassCache)
+			cmd.PrintErrf("%q is not a known account name in your account cache. Your cache can be refreshed by entering executing `keyconjurer accounts`. If the value provided is an Okta application ID, you may provide %s as an option to this command and try again.", accountID, FlagBypassCache)
 			return nil
 		}
 
@@ -128,7 +137,7 @@ A role must be specified when using this command through the --role flag. You ma
 		}
 
 		if credentials.ValidUntil(account, time.Duration(timeRemaining)*time.Minute) {
-			return echoCredentials(args[0], args[0], credentials, outputType, shellType, awsCliPath, tencentCliPath)
+			return echoCredentials(accountID, accountID, credentials, outputType, shellType, awsCliPath, tencentCliPath)
 		}
 
 		oauthCfg, err := DiscoverOAuth2Config(cmd.Context(), oidcDomain, clientID)
@@ -158,7 +167,7 @@ A role must be specified when using this command through the --role flag. You ma
 
 		pair, ok := FindRoleInSAML(roleName, samlResponse)
 		if !ok {
-			cmd.PrintErrf("you do not have access to the role %s on application %s\n", roleName, args[0])
+			cmd.PrintErrf("you do not have access to the role %s on application %s\n", roleName, accountID)
 			return nil
 		}
 
@@ -197,8 +206,9 @@ A role must be specified when using this command through the --role flag. You ma
 		if account != nil {
 			account.MostRecentRole = roleName
 		}
+		config.LastUsedAccount = &accountID
 
-		return echoCredentials(args[0], args[0], credentials, outputType, shellType, awsCliPath, tencentCliPath)
+		return echoCredentials(accountID, accountID, credentials, outputType, shellType, awsCliPath, tencentCliPath)
 	}}
 
 func echoCredentials(id, name string, credentials CloudCredentials, outputType, shellType, awsCliPath, tencentCliPath string) error {