node-aws-adfs

beta

This module should be considered as BETA and not recommended to use in production. I am still changing functions and their names, so updates may break any scripts you have developed in the future.

Description

• A nodejs based module and cli command utitly to allow aws cli authentication against ADFS (multi factor authentication with active directory).
• This script has been inspired and based on python module aws-adfs
• https://api.travis-ci.org/venth/aws-adfs.svg?branch=master

Usage

Get a json object.

var iGetAssertion = require('node-aws-adfs') ;
 
iGetAssertion.returnAWSCredObj(
      email,   pass,  adfsserver , workgroup, awsregion )
  .then(function(response) {
      console.log( "Blob details", response )
  })
  .catch(function(errr) {
    console.log("Error", errr)
  })
 

files

• This is made of two parts, the module itself and a command line utility that makes use of the module.

A test script allows for CLI cli authentication against ADFS

So far the module creates the .aws/credential file. It also set the AWS ENV variables, however the use has not been tested.

Process outline

Process:

• Authenticate to your org ADFS server ( web interface.)
  • Get Redirect
• Get SAMLAssertion
  • process SAML assertion
  • Get XML
• Get tmp credentials
• USE AWS-SDK
  • AWS.STS
  • sts.assumeRoleWithSAML
• Write AWS config file.

CLI utility tool file example.js

Create a ~/.aws/credentials and ~/.aws/config file using this module. WARN. This will overwrite any existing files! This file also uses its own config file if found. It must be called "node-aws-adfs.json" and live in the .aws folder This config file needs to be created by hand.

config file

If you do not want to include all the options on the command line, you can create config file for this module. Please remember, this config file is not used by AWS. vim ~/.aws/node-aws-adfs.json

{
    "email":"firstname.surname@work.com",
    "adfsserver":"login.work.com",
    "awsregion":"ap-southeast-2",
    "workgroup":"POC-WORKGROUP"
}

Install

TODO

Example usage and setup

Example file

See example.js cli utility

With npm

 
mkdir testnode
cd testnode
npm init
npm install node-aws-adfs
cp node_modules/node-aws-adfs/example.js .
# elementree is not installed for some reason! 
npm install elementtree
nodejs --use_strict example.js -w  --email firstname.second@work.edu --adfsserver login.work.com --awsregion ap-southeast-2   --workgroup POC-Workgroup
aws s3 ls
 

From github

mkdir myproject
cd myproject
git init
curl https://raw.githubusercontent.com/tdelov/node-aws-adfs/master/.gitignore > .gitignore
npm init
npm install git+https://github.com/tdelov/node-aws-adfs.git
cp node_modules/node-aws-adfs/example.js example.js
# elementree is not installed for some reason! 
npm install elementtree
# run the example help! 
node example.js -h

TODO

Create function to Set ENV vars Make current ability to write to .aws/credential file a seperate function