From 1a795b8faae516472b234bff6a84496f47014418 Mon Sep 17 00:00:00 2001
From: rgennisse <31985884+rgennisse@users.noreply.github.com>
Date: Thu, 5 Mar 2020 11:04:41 +0100
Subject: [PATCH 1/2] Update generateMFASecurityToken.sh

The order of the credentials was changed so reading the credentials was failing Since we don't know what version a user is using, I made it more robust. The only downside is the extra need of jq.
---
 generateMFASecurityToken.sh | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/generateMFASecurityToken.sh b/generateMFASecurityToken.sh
index d1cb38e..f571fa7 100644
--- a/generateMFASecurityToken.sh
+++ b/generateMFASecurityToken.sh
@@ -50,10 +50,15 @@ fi
 if [ "$GENERATE_ST" = "true" ];then
 read -p "Token code for MFA Device ($MFA_SERIAL): " TOKEN_CODE
 echo "Generating new IAM STS Token ..."
- read -r AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN EXPIRATION AWS_ACCESS_KEY_ID < <(aws sts get-session-token --profile $BASE_PROFILE_NAME --output text --query 'Credentials.*' --serial-number $MFA_SERIAL --token-code $TOKEN_CODE)
+ creds=`aws sts get-session-token --profile $BASE_PROFILE_NAME --serial-number $MFA_SERIAL --token-code $TOKEN_CODE`
 if [ $? -ne 0 ];then
 echo "An error occured. AWS credentials file not updated"
 else
+ AWS_ACCESS_KEY_ID=`echo $creds |jq .Credentials.AccessKeyId`
+ EXPIRATION=`echo $creds |jq .Credentials.Expiration`
+ AWS_SECRET_ACCESS_KEY=`echo $creds |jq .Credentials.SecretAccessKey`
+ AWS_SESSION_TOKEN=`echo $creds |jq .Credentials.SessionToken`
+
 aws configure set aws_secret_access_key "$AWS_SECRET_ACCESS_KEY" --profile $MFA_PROFILE_NAME
 aws configure set aws_session_token "$AWS_SESSION_TOKEN" --profile $MFA_PROFILE_NAME
 aws configure set aws_access_key_id "$AWS_ACCESS_KEY_ID" --profile $MFA_PROFILE_NAME
From 83dbff5141971a6bc9c39b32b9d8794d9e13f521 Mon Sep 17 00:00:00 2001
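Review bot: The new jq dependency is never checked, so on a machine without jq the four assignments in the `else` branch come back empty and the `aws configure set` calls that follow still run with those empty values, with no error reported. A guard before the STS call such as `command -v jq >/dev/null || { echo "jq is required" >&2; GENERATE_ST=false; }` would stop that. Alternatively the ordering problem can be fixed without jq by naming the fields in the query, `--query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken,Expiration]' --output text`, and keeping the original `read -r` with the variables in that order. The enclosing `if [ "$GENERATE_ST" = "true" ]` block ends outside the hunk.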
From: rgennisse <31985884+rgennisse@users.noreply.github.com>
Date: Thu, 5 Mar 2020 11:33:39 +0100
Subject: [PATCH 2/2] Update generateMFASecurityToken.sh

My change added quotes the the config file. This breaks it. So I added an extra -r to strip the variables from there quotes.
---
 generateMFASecurityToken.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/generateMFASecurityToken.sh b/generateMFASecurityToken.sh
index f571fa7..5b2a505 100644
--- a/generateMFASecurityToken.sh
+++ b/generateMFASecurityToken.sh
@@ -54,10 +54,10 @@ if [ "$GENERATE_ST" = "true" ];then
 if [ $? -ne 0 ];then
 echo "An error occured. AWS credentials file not updated"
 else
- AWS_ACCESS_KEY_ID=`echo $creds |jq .Credentials.AccessKeyId`
- EXPIRATION=`echo $creds |jq .Credentials.Expiration`
- AWS_SECRET_ACCESS_KEY=`echo $creds |jq .Credentials.SecretAccessKey`
- AWS_SESSION_TOKEN=`echo $creds |jq .Credentials.SessionToken`
+ AWS_ACCESS_KEY_ID=`echo $creds |jq -r .Credentials.AccessKeyId`
+ EXPIRATION=`echo $creds |jq -r .Credentials.Expiration`
+ AWS_SECRET_ACCESS_KEY=`echo $creds |jq -r .Credentials.SecretAccessKey`
+ AWS_SESSION_TOKEN=`echo $creds |jq -r .Credentials.SessionToken`

 aws configure set aws_secret_access_key "$AWS_SECRET_ACCESS_KEY" --profile $MFA_PROFILE_NAME
 aws configure set aws_session_token "$AWS_SESSION_TOKEN" --profile $MFA_PROFILE_NAME
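Review bot: The four `jq -r` assignments pass `$creds` through an unquoted `echo`, so the JSON carrying the secret key and session token is word-split and glob-expanded before jq reads it; `printf '%s' "$creds" | jq -r .Credentials.SessionToken` (and likewise for the other three) avoids that. Nothing checks jq's exit status or output either, and with `-r` a missing field is returned as the literal string `null`, which the `aws configure set` lines would then store in the MFA profile. A check such as `[ -n "$AWS_SESSION_TOKEN" ] && [ "$AWS_SESSION_TOKEN" != "null" ]` before writing the profile would keep a malformed response from replacing working credentials. The `else` branch continues past the end of the hunk.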