@obenshaindw
Created March 14, 2018 04:47
Bash function to update AWS FederationToken provided by NIMH Data Archive
#!/bin/bash
## NDA AWS Token Generator
## Author: NIMH Data Archives
## http://ndar.nih.gov
## License: MIT
## https://opensource.org/licenses/MIT
##############################################################################
#
# Script to retrieve generated AWS Tokens from NIMHDA
#
##############################################################################
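refresh_aws_token() {
    # Reads the NDA credentials from the caller's shell variables
    # $username and $password.
    if [ -z "$username" ] || [ -z "$password" ]; then
        echo "Error requesting token: username and password must be set" >&2
        return 1
    fi
    local authorization server REQUEST_XML RESPONSE_XML ERROR
    # The request carries the SHA-1 hex digest of the password.
    authorization=$(printf '%s' "$password" | sha1sum | sed 's/ .*//')
    server="https://ndar.nih.gov/DataManager/dataManager"
    ##############################################################################
    # Make Request
    ##############################################################################
    # ${username} is inserted into the XML verbatim; a name containing
    # & or < would need XML escaping first.
    REQUEST_XML=$(cat <<EOF
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<ns3:UserElement xmlns:ns4="http://dataManagerService"
xmlns:ns3="http://gov/nih/ndar/ws/datamanager/server/bean/jaxb"
xmlns:ns2="http://dataManager/transfer/model">
<user>
<id>0</id>
<name>${username}</name>
<password>${authorization}</password>
<threshold>0</threshold>
</user>
</ns3:UserElement>
</S:Body>
</S:Envelope>
EOF
)
    # TLS certificate verification stays on (no -k): the request carries the
    # password digest and the response carries AWS secrets.
    RESPONSE_XML=$(curl -sS --request POST -H "Content-Type: text/xml" -H "SOAPAction: \"generateToken\"" -d "$REQUEST_XML" "$server") || return 1
    # Flatten to one line so the patterns below match however the response is wrapped.
    RESPONSE_XML=${RESPONSE_XML//$'\n'/ }
    ##############################################################################
    # Handle Response
    ##############################################################################
    ERROR=$(printf '%s' "$RESPONSE_XML" | grep -oP '(?<=<errorMessage>).*?(?=</errorMessage>)')
    if [ -n "$ERROR" ]; then
        echo "Error requesting token: $ERROR" >&2
        # return, not exit: the function runs inside the shell that sourced it
        return 1
    fi
    AWS_ACCESS_KEY_ID=$(printf '%s' "$RESPONSE_XML" | grep -oP '(?<=<accessKey>).*?(?=</accessKey>)')
    AWS_SECRET_ACCESS_KEY=$(printf '%s' "$RESPONSE_XML" | grep -oP '(?<=<secretKey>).*?(?=</secretKey>)')
    AWS_SESSION_TOKEN=$(printf '%s' "$RESPONSE_XML" | grep -oP '(?<=<sessionToken>).*?(?=</sessionToken>)')
    if [ -z "$AWS_ACCESS_KEY_ID" ] || [ -z "$AWS_SECRET_ACCESS_KEY" ] || [ -z "$AWS_SESSION_TOKEN" ]; then
        echo "Error requesting token: response did not contain credentials" >&2
        return 1
    fi
    export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
}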
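
The function above places `${username}` into the SOAP body as-is, so a name containing XML-reserved characters changes the structure of the request. The following is an added example, not the gist author's code, that builds the same envelope with the username XML-escaped; `xml_escape` and `build_token_request` are hypothetical helper names and the sample username is constructed.

```bash
#!/bin/bash
# Added example, not part of the original gist.

# Escape the five XML-reserved characters. '&' goes first so the entities
# produced by the later substitutions are not escaped a second time.
xml_escape() {
    printf '%s' "$1" | sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' \
                           -e 's/"/\&quot;/g' -e "s/'/\&apos;/g"
}

# Print the generateToken SOAP envelope for username $1 and password $2.
# Element layout and namespaces are copied from the gist's REQUEST_XML.
build_token_request() {
    local name digest
    name=$(xml_escape "$1")
    # SHA-1 hex digest as the gist sends it: hex only, so it needs no escaping.
    digest=$(printf '%s' "$2" | sha1sum | sed 's/ .*//')
    cat <<EOF
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<ns3:UserElement xmlns:ns4="http://dataManagerService"
xmlns:ns3="http://gov/nih/ndar/ws/datamanager/server/bean/jaxb"
xmlns:ns2="http://dataManager/transfer/model">
<user>
<id>0</id>
<name>${name}</name>
<password>${digest}</password>
<threshold>0</threshold>
</user>
</ns3:UserElement>
</S:Body>
</S:Envelope>
EOF
}

# Constructed sample input: a username holding reserved characters that,
# unescaped, would end <name> early and restructure the <user> element.
build_token_request 'lab&co</name><threshold>9</threshold><name>x' 'password'
```
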
obenshaindw commented Mar 14, 2018

Load refresh_nda_token.sh into the shell environment:

source refresh_nda_token.sh

Run the function to retrieve a token. Note that username/password must be single-quoted if special characters are included:

username=NDA_USERNAME
password=NDA_PASSWORD
refresh_aws_token

Use awscli, samtools, or another program that looks for AWS credentials in the exported environment variables:

aws s3 ls s3://nda-bsmn
