@aashari/mcp-server-aws-sso/dist/cli/aws.sso.auth.cli.js

Node.js/TypeScript MCP server for AWS Single Sign-On (SSO). Enables AI systems (LLMs) with tools to initiate SSO login (device auth flow), list accounts/roles, and securely execute AWS CLI commands using temporary credentials. Streamlines AI interaction w

"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const logger_util_js_1 = require("../utils/logger.util.js");
const error_util_js_1 = require("../utils/error.util.js");
const aws_sso_auth_controller_js_1 = __importDefault(require("../controllers/aws.sso.auth.controller.js"));
/**
 * AWS SSO Authentication CLI Module
 *
 * Provides CLI commands for authenticating with AWS SSO and managing
 * authentication status. Handles the browser-based login flow and
 * verifies authentication status.
 */
// Create a module logger
const cliLogger = logger_util_js_1.Logger.forContext('cli/aws.sso.auth.cli.ts');
// Log module initialization
cliLogger.debug('AWS SSO authentication CLI module initialized');
/**
 * Register AWS SSO auth CLI commands
 * @param program Commander program instance
 */
function register(program) {
    const registerLogger = logger_util_js_1.Logger.forContext('cli/aws.sso.auth.cli.ts', 'register');
    registerLogger.debug('Registering AWS SSO auth CLI commands');
    registerLoginCommand(program);
    registerLogger.debug('AWS SSO auth CLI commands registered');
}
/**
 * Register the login command
 * @param program Commander program instance
 */
function registerLoginCommand(program) {
    program
        .command('login')
        .description(`Authenticate with AWS SSO via browser.
			
        PURPOSE: Initiates AWS SSO device authorization flow, launching a browser for login, 
        and automatically polls for token completion.
			
        WHEN TO USE:
        - Before accessing any AWS resources
        - When your authentication token has expired
        - As the first step in any AWS SSO workflow
        
        AUTHENTICATION FLOW:
        - Starts the AWS SSO device authorization flow
        - Launches your browser with the verification URL
        - Displays a verification code to enter
        - Automatically polls until authentication completes
        - Verifies token validity
        
        OUTPUT: Markdown-formatted instructions for authentication,
        followed by confirmation once the flow is complete.
        
        EXAMPLES:
        $ mcp-aws-sso login             # Login with browser launch
        $ mcp-aws-sso login --no-browser # Login without browser launch
        $ mcp-aws-sso login --no-auto-poll # Login without automatic polling
			`)
        .option('--no-browser', 'Disable automatic browser launch, only show manual instructions')
        .option('--no-auto-poll', 'Disable automatic polling for token completion (used mainly for testing)')
        .action(async (options) => {
        const loginLogger = logger_util_js_1.Logger.forContext('cli/aws.sso.auth.cli.ts', 'login');
        loginLogger.debug('Starting AWS SSO login', {
            launchBrowser: options.browser,
            autoPoll: options.autoPoll,
        });
        try {
            const result = await aws_sso_auth_controller_js_1.default.startLogin({
                launchBrowser: options.browser,
                autoPoll: options.autoPoll,
            });
            console.log(result.content);
        }
        catch (error) {
            loginLogger.error('Login command failed', error);
            (0, error_util_js_1.handleCliError)(error);
        }
    });
}
// Export the register function
exports.default = { register };