Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .changes/next-release/enhancement-sso-4703.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
{
"type": "enhancement",
"category": "sso",
"description": "The browser tab opened by ``aws sso login`` for the Authorization Code flow now makes a best-effort attempt to close itself after a successful login. This is a no-op in browsers that block it (e.g. after an interactive login), where the page continues to display a message that the tab can be closed."
}
10 changes: 8 additions & 2 deletions awscli/customizations/sso/index.html
Original file line number Diff line number Diff line change
Expand Up @@ -121,8 +121,8 @@ <h1 class="title">Sign in to AWS</h1>
</path>
</svg>
<div class="success-text">
Your credentials have been shared successfully and can be used until your session expires. You can
now close this tab.
Your credentials have been shared successfully and can be used until your session expires. This tab
will try to close automatically&mdash;if it is still open, you can safely close it now.
</div>
</div>
<div id="error-message" class="error-content hidden">
Expand All @@ -146,6 +146,12 @@ <h1 class="title">Sign in to AWS</h1>
document.getElementById('success-message').classList.add('hidden');
document.getElementById('error-message').classList.remove('hidden');
document.getElementById('error-text').innerText = error;
} else {
// Best-effort tab close. Browsers only allow window.close() on
// tabs opened by script or with a single history entry, so this
// is a no-op after an interactive login. When it is blocked the
// success message above tells the user to close the tab.
window.setTimeout(() => window.close(), 300);
}
};
</script>
Expand Down
10 changes: 10 additions & 0 deletions tests/unit/customizations/sso/test_utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -317,6 +317,16 @@ def test_error(self):
assert actual_code is None
assert actual_state is None

def test_callback_page_attempts_best_effort_close(self):
url = self.url + '?code=1234&state=4567'

http = urllib3.PoolManager()
response = http.request("GET", url)

self.fetcher.get_auth_code_and_state()
assert response.status == 200
assert b'window.close()' in response.data


@mock.patch(
'awscli.customizations.sso.utils.AuthCodeFetcher._REQUEST_TIMEOUT', 0.1
Expand Down