From 9c6a486820dbcba6aa78d225b2d9cf336a1ec3f0 Mon Sep 17 00:00:00 2001
From: "Ben.Harvill" <benjamin.harvill@hbo.com>
Date: Wed, 10 Jan 2018 17:25:12 -0500
Subject: [PATCH] add aws_security_key to credentials file for ansible
 compatibility

---
 background/script.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/background/script.js b/background/script.js
index 0678371..000b336 100644
--- a/background/script.js
+++ b/background/script.js
@@ -138,7 +138,8 @@ function extractPrincipalPlusRoleAndAssumeRole(samlattribute, SAMLAssertion) {
 			var docContent = "[default] \n" +
 			"aws_access_key_id = " + data.Credentials.AccessKeyId + " \n" +
 			"aws_secret_access_key = " + data.Credentials.SecretAccessKey + " \n" +
-			"aws_session_token = " + data.Credentials.SessionToken;
+			"aws_session_token = " + data.Credentials.SessionToken + " \n" +
+			"aws_security_token = " + data.Credentials.SessionToken;
 
 			// If there are no Role ARNs configured in the options panel, continue to create credentials file
 			// Otherwise, extend docContent with a profile for each specified ARN in the options panel
@@ -174,7 +175,8 @@ function assumeAdditionalRole(profileList, index, AccessKeyId, SecretAccessKey,
 			"[" + profileList[index] + "] \n" +
 			"aws_access_key_id = " + data.Credentials.AccessKeyId + " \n" +
 			"aws_secret_access_key = " + data.Credentials.SecretAccessKey + " \n" +
-			"aws_session_token = " + data.Credentials.SessionToken;
+			"aws_session_token = " + data.Credentials.SessionToken + " \n" +
+			"aws_security_token = " + data.Credentials.SessionToken;
 		}
 		// If there are more profiles/roles in the RoleArns dict, do another call of assumeAdditionalRole to extend the docContent with another profile
 		// Otherwise, this is the last profile/role in the RoleArns dict. Proceed to creating the credentials file