Merge branch 'dev' into Dockerfile-Update

Nike-Inc · Feb 6, 2024 · b99a40f · b99a40f
2 parents b6373f6 + 52760fa
commit b99a40f
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 17 deletions.
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
@@ -90,11 +90,11 @@ jobs:
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
-          pip install setuptools wheel twine
+          pip install setuptools wheel twine build
       - name: Build and publish
         env:
           TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}
           TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
         run: |
-          python setup.py sdist bdist_wheel
+          python -m build
           twine upload dist/*
diff --git a/Dockerfile b/Dockerfile
@@ -9,7 +9,8 @@ RUN apk --update add libgcc
 ENV PACKAGES="gcc musl-dev python3-dev libffi-dev openssl-dev cargo"
 
 RUN apk --update add $PACKAGES \
-    && python -m pip install .\
+    && pip install --upgrade pip setuptools-rust build \
+    && pip install . \
     && apk del --purge $PACKAGES
 
 ENTRYPOINT ["/usr/local/bin/gimme-aws-creds"]
diff --git a/gimme_aws_creds/config.py b/gimme_aws_creds/config.py
@@ -426,24 +426,19 @@ def _get_client_id_entry(self, default_entry):
     def _get_appurl_entry(self, default_entry):
         """ Get and validate app_url """
         ui.default.message(
-            "Enter the application link. This is https://something.okta[preview].com/home/amazon_aws/<app_id>/something")
+            "Enter the application link. This is {}/home/amazon_aws/<app_id>/something".format(self._okta_org_url))
         okta_app_url_valid = False
         app_url = default_entry
 
         while okta_app_url_valid is False:
             app_url = self._get_user_input("Application url", default_entry)
             url_parse_results = urlparse(app_url)
-            allowlist = [
-                "okta.com",
-                "oktapreview.com",
-                "okta-emea.com",
-            ]
-
-            if url_parse_results.scheme == "https" and any(urlelement in url_parse_results.hostname for urlelement in allowlist):
+            okta_org_parse = urlparse(self._okta_org_url)
+            if url_parse_results.scheme == "https" and url_parse_results.hostname == okta_org_parse.hostname:
                 okta_app_url_valid = True
             else:
                 ui.default.warning(
-                    "Okta organization URL must be HTTPS URL for okta.com or oktapreview.com or okta-emea.com domain")
+                    "Okta organization URL must be HTTPS URL for {}".format(self._okta_org_url))
 
         self._app_url = app_url
 

diff --git a/gimme_aws_creds/main.py b/gimme_aws_creds/main.py
@@ -23,8 +23,8 @@
 import boto3
 import requests
 from botocore.exceptions import ClientError
-from okta.framework.ApiClient import ApiClient
-from okta.framework.OktaError import OktaError
+from okta.api_client import APIClient
+from okta.errors.error import Error as OktaError
 
 # local imports
 from . import errors, ui, version
@@ -221,8 +221,8 @@ def _get_aws_account_info(okta_org_url, okta_api_key, username):
         """ Call the Okta User API and process the results to return
         just the information we need for gimme_aws_creds"""
         # We need access to the entire JSON response from the Okta APIs, so we need to
-        # use the low-level ApiClient instead of UsersClient and AppInstanceClient
-        users_client = ApiClient(okta_org_url, okta_api_key, pathname='/api/v1/users')
+        # use the low-level APIClient instead of UsersClient and AppInstanceClient
+        users_client = APIClient(okta_org_url, okta_api_key, pathname='/api/v1/users')
 
         # Get User information
         try:

diff --git a/requirements.txt b/requirements.txt
@@ -3,7 +3,7 @@ beautifulsoup4>=4.6.0,<5.0.0
 keyring>=21.4.0
 requests>=2.25.0,<3.0.0
 fido2>=0.9.1,<0.10.0
-okta>=0.0.4,<1.0.0
+okta>=2.9.3,<3.0.0
 ctap-keyring-device==1.0.6
 pyjwt>=2.4.0,<3.0.0
 urllib3>=1.26.0,<2.0.0