Force AWS usage of creds file (#11)

* Forcing aws session to read the local file

* Updated token validation

internal/pkg/aws/aws.go

@@ -4,19 +4,28 @@ import (
  "bytes"
  "os/user"
  "path/filepath"
+ "regexp"
  "time"
 
  "gopkg.in/ini.v1"
 
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/aws/credentials"
  "github.com/aws/aws-sdk-go/aws/session"
  "github.com/aws/aws-sdk-go/service/iam"
  "github.com/aws/aws-sdk-go/service/sts"
 
  "github.com/spf13/afero"
 )
 
+const (
+ tokenValidationRegex string = "^[0-9]+$"
+)
+
 var (
  appFs = afero.NewOsFs()
+
+ tokenValidationRegexComplied = regexp.MustCompilePOSIX(tokenValidationRegex)
 )
 
 //Credentials represents the set of attributes used to authenticate to AWS with a short lived session
@@ -58,7 +67,9 @@ func GenerateSTSCredentials(profile string, tokenCode string) (*Credentials, err
  }
 
  awsSession := session.Must(session.NewSessionWithOptions(session.Options{
- Profile: profile,
+ Config: aws.Config{
+ Credentials: credentials.NewSharedCredentials(path, profile),
+ },
  }))
 
  iamInstance := iam.New(awsSession)
@@ -133,6 +144,9 @@ func validateToken(token string) error {
  if len(token) <= 5 {
  return ErrInvalidToken
  }
+ if !tokenValidationRegexComplied.MatchString(token) {
+ return ErrInvalidToken
+ }
 
  return nil
 }

internal/pkg/aws/aws_test.go

@@ -234,6 +234,20 @@ func Test_validateToken(t *testing.T) {
  },
  true,
  },
+ {
+ "Invalid/NotNumbers",
+ args{
+ token: "23ss21",
+ },
+ true,
+ },
+ {
+ "Invalid/NotNumbersLong",
+ args{
+ token: "5364f'[73",
+ },
+ true,
+ },
  {
  "Valid/Token",
  args{