Remote work login script

logins.sh

#!/usr/local/bin/bash

### This assumes you are on the VPN already.

# Log in to the 1pw vault
eval $(op signin work)
if [[ -z $OP_SESSION_work ]]; then
    echo "!! Error logging into 1password"
    exit 1
else
    echo ">> Logged into 1password vault"
fi

# Log in to Okta
echo ">> Logging into Okta"
op get item "Okta - Work" --fields password | pbcopy
echo "  >> Okta password copied to clipboard"
echo "  >> Opening Okta in Chrome"

open https://go/okta

# pause till okta is logged in
read -rsn1 -p "    >> Complete login and then press any key to continue"; echo

# Log in to MQ vault with my ldap password
echo ">> Logging into vault"
op get item "IDM" --fields username,password,url | jq -r .password | xargs -I"{}" vault login -method ldap password={}

# Get the expiration for aws creds, and log in to it if needed
echo ">> Checking AWS expiration"
remaining=$(aws profile list | grep work01-admin | awk '{ print $2 }' | sed $'s,\x1b\\[[0-9;]*[a-zA-Z],,g')
if [[ $remaining == "Expired" ]]; then
    echo ">> AWS access expired, renewing"
    mq aws-profile login
else
    expires=$(echo $remaining | tr -d 'm')

    if (( $expires < 120 )); then
        echo ">> AWS access expires soon, renewing"
        aws profile login
    else
        echo ">> AWS token expires in $expires minutes, login not necessary"
    fi
fi