Create a prompt subpackage

Author: lox

add.go

@@ -4,6 +4,7 @@ import (
 	"os"
 
 	"github.com/99designs/aws-vault/keyring"
+	"github.com/99designs/aws-vault/prompt"
 	"github.com/aws/aws-sdk-go/aws/credentials"
 )
 
@@ -25,10 +26,10 @@ func AddCommand(ui Ui, input AddCommandInput) {
 		}
 	} else {
 		var err error
-		if accessKeyId, err = prompt("Enter Access Key ID: "); err != nil {
+		if accessKeyId, err = prompt.TerminalPrompt("Enter Access Key ID: "); err != nil {
 			ui.Error.Fatal(err)
 		}
-		if secretKey, err = promptPassword("Enter Secret Access Key: "); err != nil {
+		if secretKey, err = prompt.TerminalPrompt("Enter Secret Access Key: "); err != nil {
 			ui.Error.Fatal(err)
 		}
 	}

dialog/dialog_darwin.go

@@ -9,6 +9,7 @@ import (
 	"time"
 
 	"github.com/99designs/aws-vault/keyring"
+	"github.com/99designs/aws-vault/prompt"
 	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/aws/credentials"
 )
@@ -20,6 +21,7 @@ type ExecCommandInput struct {
 	Keyring     keyring.Keyring
 	Duration    time.Duration
 	MfaToken    string
+	MfaPrompt   prompt.PromptFunc
 	StartServer bool
 	Signals     chan os.Signal
 	NoSession   bool
@@ -51,6 +53,7 @@ func ExecCommand(ui Ui, input ExecCommandInput) {
 		creds, err := NewVaultCredentials(input.Keyring, input.Profile, VaultOptions{
 			SessionDuration: input.Duration,
 			MfaToken:        input.MfaToken,
+			MfaPrompt:       input.MfaPrompt,
 		})
 		if err != nil {
 			ui.Error.Fatal(err)

exec.go

@@ -9,21 +9,24 @@ import (
 	"net/url"
 
 	"github.com/99designs/aws-vault/keyring"
+	"github.com/99designs/aws-vault/prompt"
 	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/aws/credentials"
 	"github.com/skratchdot/open-golang/open"
 )
 
 type LoginCommandInput struct {
-	Profile  string
-	Keyring  keyring.Keyring
-	MfaToken string
+	Profile   string
+	Keyring   keyring.Keyring
+	MfaToken  string
+	MfaPrompt prompt.PromptFunc
 }
 
 func LoginCommand(ui Ui, input LoginCommandInput) {
 	provider, err := NewVaultProvider(input.Keyring, input.Profile, VaultOptions{
 		AssumeRoleDuration: MaxAssumeRoleDuration,
 		MfaToken:           input.MfaToken,
+		MfaPrompt:          input.MfaPrompt,
 	})
 	if err != nil {
 		ui.Error.Fatal(err)

login.go

@@ -1,12 +1,14 @@
 package main
 
 import (
+	"fmt"
 	"io/ioutil"
 	"log"
 	"os"
 	"os/signal"
 
 	"github.com/99designs/aws-vault/keyring"
+	"github.com/99designs/aws-vault/prompt"
 	"gopkg.in/alecthomas/kingpin.v2"
 )
 
@@ -28,7 +30,9 @@ func (w logWriter) Write(b []byte) (int, error) {
 }
 
 func main() {
+
 	var (
+		prompts          = prompt.Available()
 		debug            = kingpin.Flag("debug", "Show debugging output").Bool()
 		add              = kingpin.Command("add", "Adds credentials, prompts if none provided")
 		addProfile       = add.Arg("profile", "Name of the profile").Required().String()
@@ -38,6 +42,7 @@ func main() {
 		execNoSession    = exec.Flag("no-session", "Use root credentials, no session created").Short('n').Bool()
 		execSessDuration = exec.Flag("session-ttl", "Expiration time for aws session").Default("4h").OverrideDefaultFromEnvar("AWS_SESSION_TTL").Short('t').Duration()
 		execMfaToken     = exec.Flag("mfa-token", "The mfa token to use").Short('m').String()
+		execMfaPrompt    = exec.Flag("mfa-prompt", fmt.Sprintf("Prompt to use for mfa, from %v", prompts)).Default("terminal").OverrideDefaultFromEnvar("AWS_VAULT_PROMPT").Enum(prompts...)
 		execServer       = exec.Flag("server", "Run the server in the background for credentials").Short('s').Bool()
 		execProfile      = exec.Arg("profile", "Name of the profile").Required().String()
 		execCmd          = exec.Arg("cmd", "Command to execute").Default(os.Getenv("SHELL")).String()
@@ -48,6 +53,7 @@ func main() {
 		login            = kingpin.Command("login", "Generate a login link for the AWS Console")
 		loginProfile     = login.Arg("profile", "Name of the profile").Required().String()
 		loginMfaToken    = login.Flag("mfa-token", "The mfa token to use").Short('t').String()
+		loginMfaPrompt   = login.Flag("mfa-prompt", fmt.Sprintf("Prompt to use for mfa, from %v", prompts)).Default("terminal").OverrideDefaultFromEnvar("AWS_VAULT_PROMPT").Enum(prompts...)
 		server           = kingpin.Command("server", "Run an ec2 instance role server locally")
 	)
 
@@ -109,15 +115,17 @@ func main() {
 			Duration:    *execSessDuration,
 			Signals:     signals,
 			MfaToken:    *execMfaToken,
+			MfaPrompt:   prompt.Method(*execMfaPrompt),
 			StartServer: *execServer,
 			NoSession:   *execNoSession,
 		})
 
 	case login.FullCommand():
 		LoginCommand(ui, LoginCommandInput{
-			Profile:  *loginProfile,
-			Keyring:  keyring,
-			MfaToken: *loginMfaToken,
+			Profile:   *loginProfile,
+			Keyring:   keyring,
+			MfaToken:  *loginMfaToken,
+			MfaPrompt: prompt.Method(*loginMfaPrompt),
 		})
 
 	case server.FullCommand():

main.go

@@ -0,0 +1,28 @@
+// +build darwin
+
+package prompt
+
+import (
+	"fmt"
+	"os/exec"
+	"strings"
+)
+
+func CocoaPrompt(prompt string) (string, error) {
+	cmd := exec.Command("/usr/bin/osascript", "-e", fmt.Sprintf(`
+		display dialog "%s" default answer "" buttons {"OK", "Cancel"} default button 1
+        text returned of the result
+        return result`,
+		prompt))
+
+	out, err := cmd.Output()
+	if err != nil {
+		return "", err
+	}
+
+	return strings.TrimSpace(string(out)), nil
+}
+
+func init() {
+	Methods["cocoa"] = CocoaPrompt
+}

prompt/cocoa.go

@@ -0,0 +1,30 @@
+package prompt
+
+import (
+	"errors"
+	"fmt"
+)
+
+type PromptFunc func(string) (string, error)
+
+var Methods = map[string]PromptFunc{
+	"terminal": TerminalPrompt,
+}
+
+var errPromptAborted = errors.New("User cancelled prompt with no value")
+
+func Available() []string {
+	methods := []string{}
+	for k := range Methods {
+		methods = append(methods, k)
+	}
+	return methods
+}
+
+func Method(s string) PromptFunc {
+	m, ok := Methods[s]
+	if !ok {
+		panic(fmt.Sprintf("Prompt method %q doesn't exist", s))
+	}
+	return m
+}

prompt/prompt.go

@@ -1,24 +1,19 @@
-package main
+package prompt
 
 import (
 	"bufio"
 	"fmt"
 	"os"
 	"strings"
-
-	"github.com/bgentry/speakeasy"
 )
 
-func prompt(prompt string) (string, error) {
+func TerminalPrompt(prompt string) (string, error) {
+	fmt.Fprint(os.Stderr, prompt)
+
 	reader := bufio.NewReader(os.Stdin)
-	fmt.Print(prompt)
 	text, err := reader.ReadString('\n')
 	if err != nil {
 		return "", err
 	}
 	return strings.TrimSpace(text), nil
 }
-
-func promptPassword(prompt string) (string, error) {
-	return speakeasy.Ask(prompt)
-}

prompt.go prompt/terminal.go

@@ -8,6 +8,7 @@ import (
 	"time"
 
 	"github.com/99designs/aws-vault/keyring"
+	"github.com/99designs/aws-vault/prompt"
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/credentials"
 	"github.com/aws/aws-sdk-go/service/sts"
@@ -33,6 +34,7 @@ type VaultOptions struct {
 	AssumeRoleDuration time.Duration
 	ExpiryWindow       time.Duration
 	MfaToken           string
+	MfaPrompt          prompt.PromptFunc
 }
 
 func (o VaultOptions) Validate() error {
@@ -171,7 +173,7 @@ func (p *VaultProvider) getSessionToken(creds *credentials.Value) (sts.Credentia
 	if mfa, ok := p.profiles[p.profile]["mfa_serial"]; ok {
 		params.SerialNumber = aws.String(mfa)
 		if p.MfaToken == "" {
-			token, err := prompt(fmt.Sprintf("Enter token for %s: ", mfa))
+			token, err := p.MfaPrompt(fmt.Sprintf("Enter token for %s: ", mfa))
 			if err != nil {
 				return sts.Credentials{}, err
 			}

provider.go

@@ -4,6 +4,7 @@ import (
 	"fmt"
 
 	"github.com/99designs/aws-vault/keyring"
+	"github.com/99designs/aws-vault/prompt"
 )
 
 type RemoveCommandInput struct {
@@ -15,7 +16,7 @@ type RemoveCommandInput struct {
 func RemoveCommand(ui Ui, input RemoveCommandInput) {
 	if !input.SessionsOnly {
 		provider := &KeyringProvider{Keyring: input.Keyring, Profile: input.Profile}
-		r, err := prompt(fmt.Sprintf("Delete credentials for profile %q? (Y|n)", input.Profile))
+		r, err := prompt.TerminalPrompt(fmt.Sprintf("Delete credentials for profile %q? (Y|n)", input.Profile))
 		if err != nil {
 			ui.Error.Fatal(err)
 		} else if r == "N" || r == "n" {