@aashari/mcp-server-aws-sso
Node.js/TypeScript MCP server for AWS Single Sign-On (SSO). Enables AI systems (LLMs) with tools to initiate SSO login (device auth flow), list accounts/roles, and securely execute AWS CLI commands using temporary credentials. Streamlines AI interaction w
;
/**
 * Interop helper for default imports of CommonJS modules.
 *
 * Reuses an `__importDefault` already present on `this` when there is one;
 * otherwise installs the fallback below.
 *
 * @param mod The value returned by `require()`
 * @returns `mod` itself when it is flagged `__esModule`, else `{ default: mod }`
 */
var __importDefault = (this && this.__importDefault) || function (mod) {
    // A module that carries the __esModule flag already has its own `default` slot.
    if (mod && mod.__esModule) {
        return mod;
    }
    // Anything else (including null/undefined) is wrapped so `.default` yields it.
    return { "default": mod };
};
// Flag this CommonJS module with `__esModule` so that interop helpers such as
// __importDefault above return it unwrapped instead of nesting it under `default`.
// defineProperty with only `value` given leaves the flag non-writable and non-enumerable.
Object.defineProperty(exports, "__esModule", { value: true });
const logger_util_js_1 = require("../utils/logger.util.js");
const error_util_js_1 = require("../utils/error.util.js");
const aws_sso_auth_controller_js_1 = __importDefault(require("../controllers/aws.sso.auth.controller.js"));
/**
* AWS SSO Authentication CLI Module
*
* Provides CLI commands for authenticating with AWS SSO and managing
* authentication status. Handles the browser-based login flow and
* verifies authentication status.
*/
// Logger shared by this module; its context string names the .ts source of this CLI file.
const cliLogger = logger_util_js_1.Logger.forContext('cli/aws.sso.auth.cli.ts');
// Runs once, as a side effect of loading the module.
cliLogger.debug('AWS SSO authentication CLI module initialized');
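/**
 * Register the AWS SSO auth CLI commands (`login` and `status`) on a program.
 *
 * `login` is delegated to registerLoginCommand. `status` is defined inline: it
 * asks the auth controller for the current state via getAuthStatus() and prints
 * the `content` field of the result to stdout. This function does not read the
 * token cache itself.
 *
 * Failures in the `status` action are written to the action logger before being
 * handed to handleCliError, the same order the `login` action uses, so a failed
 * status check leaves a log record alongside failed logins.
 *
 * @param program Commander program instance
 */
function register(program) {
    const registerLogger = logger_util_js_1.Logger.forContext('cli/aws.sso.auth.cli.ts', 'register');
    registerLogger.debug('Registering AWS SSO auth CLI commands');
    registerLoginCommand(program);
    // Register the status command
    program
        .command('status')
        .description('Check AWS SSO authentication status. Verifies if a valid cached token exists, displays its expiration time, and provides guidance on next steps. This command does NOT perform authentication - it only checks if you are already authenticated. If no valid token exists, it will instruct you to run the "login" command. Use this before other AWS SSO commands to verify your authentication state.')
        .action(async () => {
        const actionLogger = logger_util_js_1.Logger.forContext('cli/aws.sso.auth.cli.ts', 'status');
        try {
            actionLogger.debug('Checking authentication status via controller');
            // Go through the controller rather than touching the token cache here.
            const result = await aws_sso_auth_controller_js_1.default.getAuthStatus();
            // NOTE(review): content is printed verbatim; confirm the controller's
            // formatted output carries only status/expiry text and never the token value.
            console.log(result.content);
        }
        catch (error) {
            // Log first, then delegate: mirrors the login action's error path.
            // NOTE(review): the error object is logged as-is; confirm the logger
            // does not persist credential material that an error may carry.
            actionLogger.error('Status command failed', error);
            (0, error_util_js_1.handleCliError)(error);
        }
    });
    registerLogger.debug('AWS SSO auth CLI commands registered');
}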
/**
 * Attach the `login` subcommand, which starts the AWS SSO device authorization
 * flow through the auth controller's startLogin().
 *
 * Both flags are negatable options, so the handler treats anything other than an
 * explicit `false` as "enabled" for browser launch and for polling.
 *
 * @param program Commander program instance
 */
function registerLoginCommand(program) {
    const summary = 'Initiate AWS SSO authentication via device authorization flow. This generates a verification code, opens a browser to the AWS SSO authentication page (if enabled), and caches the resulting token. The cached token (valid for 8-12 hours) is used by other AWS SSO commands. Prerequisites: AWS SSO must be configured with a start URL and region, and you need browser access to complete the flow.';
    const noBrowserHelp = 'Disable automatic browser launch. When disabled, you must manually open the verification URL and enter the provided code. Useful for remote servers or environments without display access.';
    const noPollHelp = 'Disable automatic polling for authentication completion. When disabled, the command starts the login process but does not wait for completion, requiring you to check status separately with the "status" command.';
    const runLogin = async (options) => {
        const loginLogger = logger_util_js_1.Logger.forContext('cli/aws.sso.auth.cli.ts', 'login');
        // Only an explicit `false` (from --no-launch-browser / --no-auto-poll) turns a step off.
        const launchBrowser = options.launchBrowser !== false;
        const autoPoll = options.autoPoll !== false;
        loginLogger.debug('Starting AWS SSO login', { launchBrowser, autoPoll });
        try {
            const outcome = await aws_sso_auth_controller_js_1.default.startLogin({ launchBrowser, autoPoll });
            // The controller returns ready-to-print text (header/footer included).
            console.log(outcome.content);
        }
        catch (error) {
            // NOTE(review): the raw error object goes to the logger; confirm the
            // logger does not persist device-code or token material carried on it.
            loginLogger.error('Login command failed', error);
            (0, error_util_js_1.handleCliError)(error);
        }
    };
    program
        .command('login')
        .description(summary)
        .option('--no-launch-browser', noBrowserHelp)
        .option('--no-auto-poll', noPollHelp)
        .action(runLogin);
}
// Default export exposes `register` only; registerLoginCommand stays private to this module.
exports.default = { register: register };