Automate Cisco AnyConnect VPN client with lastpass on OSX

cisco.osascript

-- 1. Open Security & Privacy System Preferences, go to Privacy, Accessibility
-- 2. Enable Applescript Editor

-- Usage: <script> gatewayHostName password
-- based on https://gist.github.com/andrewh/7135352 and https://github.com/seanfisk/juniper-network-connect-vpn-applescript/blob/master/juniper.applescript

on run argv
	if (count of argv) is not equal to 2 then
		return "Usage: <script> gatewayHostName password"
	else

		set {gatewayHostName, pw} to argv
		
		tell application "Cisco AnyConnect Secure Mobility Client"
			activate
		end tell
		repeat until application "Cisco AnyConnect Secure Mobility Client" is running
			delay 1
		end repeat
		tell application "System Events"
			repeat until (window 1 of process "Cisco AnyConnect Secure Mobility Client" exists)
				delay 1
			end repeat
			tell process "Cisco AnyConnect Secure Mobility Client"
				keystroke (gatewayHostName as string)
				keystroke return
			end tell
			repeat until (window 2 of process "Cisco AnyConnect Secure Mobility Client" exists)
				delay 1
			end repeat
			tell process "Cisco AnyConnect Secure Mobility Client"
				keystroke (pw as string)
				keystroke return
			end tell
		end tell

	end if
end run

vpn_cisco.sh

#!/bin/bash
# collect credentials from lastpass, run the VPN client, issue a Duo push request
# requires Cisco AnyConnect Secure Mobility Client and LastPass CLI

host=vpn.example.com

pw=$( lpass show --name "$host" --password )

osascript cisco.osascript "$host" "$pw"