Skip to content

Commit 3c3a450

Browse files
Add SSO_LOGIN_VANITY_URL feature ID to OIDC requests for vanity URL logins (#10459)
* Add SSO_LOGIN_VANITY_URL feature ID to User-Agent on SSO-OIDC requests for vanity URL logins
1 parent 825142a commit 3c3a450

5 files changed

Lines changed: 23 additions & 3 deletions

File tree

awscli/botocore/useragent.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,7 @@
104104
'FLEXIBLE_CHECKSUMS_REQ_XXHASH3': 'AG',
105105
'FLEXIBLE_CHECKSUMS_REQ_XXHASH64': 'AH',
106106
'FLEXIBLE_CHECKSUMS_REQ_XXHASH128': 'AI',
107+
'SSO_LOGIN_VANITY_URL': 'AM',
107108
'AGENTIC_CALLER_CLAUDE_CODE': 'AN',
108109
'AGENTIC_CALLER_GEMINI_CLI': 'AO',
109110
'AGENTIC_CALLER_CODEX': 'AP',

awscli/customizations/agenttoolkit/agents.py

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -276,9 +276,6 @@ def __init__(self, agent, name, path):
276276
self.path = path
277277

278278

279-
# TODO: Verify detection, skills, and MCP config paths against actual
280-
# installations before release. Currently only tested with Kiro and
281-
# simulated agent directories.
282279
AGENT_CONFIGS = [
283280
# https://docs.anthropic.com/en/docs/claude-code/mcp
284281
AgentConfig(

awscli/customizations/configure/sso_commands.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@
3333
from botocore.config import Config
3434
from botocore.configprovider import ConstantProvider
3535
from botocore.exceptions import ProfileNotFound
36+
from botocore.useragent import register_feature_id
3637

3738
from awscli.customizations.configure import (
3839
get_section_header,
@@ -448,6 +449,7 @@ def _prompt_for_sso_start_url_and_sso_region(self, verify=None):
448449
self._sso_session_prompter.sso_session_config['sso_region'] = (
449450
region
450451
)
452+
register_feature_id('SSO_LOGIN_VANITY_URL')
451453
return start_url, region, resolved_url
452454
except Exception as e:
453455
logger.debug(

awscli/customizations/sso/login.py

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,8 @@
1212
# language governing permissions and limitations under the License.
1313
import os
1414

15+
from botocore.useragent import register_feature_id
16+
1517
from awscli.customizations.configure.writer import ConfigFileWriter
1618
from awscli.customizations.sso.resolve import resolve_start_url
1719
from awscli.customizations.sso.utils import (
@@ -62,6 +64,9 @@ def _run_main(self, parsed_args, parsed_globals):
6264
verify=verify,
6365
)
6466

67+
if resolved_url != start_url:
68+
register_feature_id('SSO_LOGIN_VANITY_URL')
69+
6570
on_pending_authorization = None
6671
if parsed_args.no_browser:
6772
on_pending_authorization = PrintOnlyHandler()

tests/functional/sso/test_login.py

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,8 @@
1515
import os
1616
import re
1717

18+
from botocore.context import start_as_current_context
19+
1820
from awscli.testutils import mock
1921
from tests.functional.sso import BaseSSOTest
2022

@@ -560,6 +562,12 @@ def test_config_not_rewritten_when_region_matches(self):
560562
config_content = f.read()
561563
self.assertIn('sso_region=us-east-1', config_content)
562564

565+
def test_vanity_url_sets_feature_id_in_user_agent(self):
566+
self.add_oidc_auth_code_responses(self.access_token)
567+
with start_as_current_context():
568+
self.run_cmd('sso login')
569+
self.assertIn('AM', self.last_request_dict['headers']['User-Agent'])
570+
563571

564572
class TestLoginWithVanityUrlLegacy(BaseSSOTest):
565573
def setUp(self):
@@ -628,3 +636,10 @@ def test_login_uses_configured_region(self):
628636
self.add_oidc_auth_code_responses(self.access_token)
629637
self.run_cmd('sso login')
630638
self.assert_used_expected_sso_region('us-west-2')
639+
640+
def test_direct_url_does_not_set_vanity_feature_id(self):
641+
self.add_oidc_auth_code_responses(self.access_token)
642+
with start_as_current_context():
643+
self.run_cmd('sso login')
644+
user_agent = self.last_request_dict['headers']['User-Agent']
645+
self.assertNotIn('AM', user_agent.split('m/')[-1])

0 commit comments

Comments
 (0)