Improve install script (oktadev#264)

* Here documents and minor cleanup for install.sh

* Write #OktaAWSCLI to bash_functions

* Move Fish functions into .okta

* Print advice instead of writing to .bash_profile

* Write all files to ~/.okta instead of /usr/local

* Print info messages

* Preserve jar filename and symlink

* Use $HOME in advice

* Print advice about post-installation configuration

* Improve advice and info messages

* Add awscli script

* Allow sourcing, improve info output

* Ensure config.properties resides in ~/.okta

* Add option parsing and PREFIX processing

* Update README installation instructions

* Minor edit

* Remove eval statement

Readme.MD

@@ -40,11 +40,13 @@ This tool has been verified to work on macOS Sierra, High Sierra, Windows Server
 
 ### macOS/Linux
 
-1. Run the following in a Terminal:
+1. Run the following in a Terminal, optionally setting a custom
+ `PREFIX` value (default: `~/.okta`):
+
  ```bash
- export PREFIX=/usr/local
- curl 'https://raw.githubusercontent.com/oktadeveloper/okta-aws-cli-assume-role/master/bin/install.sh' | bash
+ PREFIX=~/.okta bash <(curl -fsSL https://raw.githubusercontent.com/oktadeveloper/okta-aws-cli-assume-role/master/bin/install.sh) -i
  ```
+
 2. Customize **~/.okta/config.properties** and set **OKTA_ORG** and **OKTA_AWS_APP_URL** appropriately. For example,
 
  ```properties

bin/install.sh

@@ -14,73 +14,124 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-PREFIX=${PREFIX:=/usr/local}
+repo_url="https://github.com/oktadeveloper/okta-aws-cli-assume-role"
+dotokta="${HOME}/.okta"
 
-java -version > /dev/null 2>&1
-if [ $? -ne 0 ];
-then
- echo 'Warning: Java is not installed. Make sure to install that'
+printusage() {
+ cat <<EOF >&2
+usage: $(basename $0) [-h | -i]
+ install Okta AWS CLI Assume Role tool
+EOF
+}
+
+printhelp() {
+ cat <<EOF | sed "s#$HOME#~#g"
+Installation script for Okta AWS CLI Assume Role
+================================================
+
+To execute:
+
+ $(basename $0) -i
+
+This command
+
+1. Installs files into a filesystem location that can be configured
+ with the PREFIX environment variable (default: ${dotokta}) and
+2. Prints instructions for setting up shell functions and scripts.
+
+This script checks for (and installs if necessary) the file
+~/.okta/config.properties regardless of the value of PREFIX.
+
+For details, see ${repo_url}.
+EOF
+}
+
+while getopts ":ih" opt; do
+ case ${opt} in
+ h)
+ printhelp
+ exit
+ ;;
+ i)
+ install=1
+ ;;
+ \?)
+ printusage
+ exit 64
+ ;;
+ esac
+done
+shift $((OPTIND -1))
+if [[ -z "$install" || "$#" -gt 0 ]]; then
+ printusage
+ exit 64
+fi
+
+if ! java -version &>/dev/null; then
+ echo "Warning: Java is not installed. Make sure to install that" >&2
 fi
-aws --version > /dev/null 2>&1
-if [ $? -ne 0 ];
-then
- echo 'Warning: AWS CLI is not installed. Make sure to install that'
+if ! aws --version &>/dev/null; then
+ echo "Warning: AWS CLI is not installed. Make sure to install that" >&2
 fi
 
-mkdir -p ${HOME}/.okta
-releaseUrl=$(curl --head --silent https://github.com/oktadeveloper/okta-aws-cli-assume-role/releases/latest | grep 'Location:' | cut -c11-)
+PREFIX="${PREFIX:=$dotokta}"
+mkdir -p "${PREFIX}"
+PREFIX="$(cd -P -- "${PREFIX}" && pwd)"
+echo "Installing into ${PREFIX}" | sed "s#$HOME#~#g"
+
+mkdir -p ${PREFIX}
+releaseUrl=$(curl --head --silent ${repo_url}/releases/latest | grep "Location:" | cut -c11-)
 releaseTag=$(echo $releaseUrl | awk 'BEGIN{FS="/"}{print $8}' | tr -d '\r')
-curl -L "https://github.com/oktadeveloper/okta-aws-cli-assume-role/releases/download/${releaseTag}/okta-aws-cli-${releaseTag:1}.jar" --output "${HOME}/.okta/okta-aws-cli.jar"
+url=${repo_url}/releases/download/${releaseTag}/okta-aws-cli-${releaseTag:1}.jar
+dest=${PREFIX}/$(basename ${url})
+echo "Latest release JAR file: ${url}"
+echo "Fetching JAR file → ${dest}" | sed "s#$HOME#~#g"
+curl -Ls -o "${dest}" "${url}"
+
+jarpath="${PREFIX}/okta-aws-cli.jar"
+echo "Symlinking ${jarpath} → $(basename ${dest})" | sed "s#$HOME#~#g"
+ln -s $(basename ${dest}) "${jarpath}"
 
 # bash functions
-bash_functions="${HOME}/.okta/bash_functions"
-grep '^#OktaAWSCLI' "${bash_functions}" > /dev/null 2>&1
-if [ $? -ne 0 ]
-then
-echo '
+bash_functions="${PREFIX}/bash_functions"
+if ! grep '^#OktaAWSCLI' "${bash_functions}" &>/dev/null; then
+ cat <<'EOF' >>"${bash_functions}"
+#OktaAWSCLI
 function okta-aws {
  withokta "aws --profile $1" $@
 }
 function okta-sls {
  withokta "sls --stage $1" $@
 }
-' >> "${bash_functions}"
+EOF
 fi
 
 # Create fish shell functions
-fishFunctionsDir="${HOME}/.config/fish/functions"
+fishFunctionsDir="${PREFIX}/fish_functions"
 mkdir -p "${fishFunctionsDir}"
-echo '
+cat <<'EOF' >"${fishFunctionsDir}/okta-aws.fish"
 function okta-aws
  withokta "aws --profile $argv[1]" $argv
 end
-' > "${fishFunctionsDir}/okta-aws.fish"
-echo '
+EOF
+cat <<'EOF' >"${fishFunctionsDir}/okta-sls.fish"
 function okta-sls
  withokta "sls --stage $argv[1]" $argv
 end
-' >> "${fishFunctionsDir}/okta-sls.fish"
-
-# Conditionally update bash profile
-bashProfile="${HOME}/.bash_profile"
-grep '^#OktaAWSCLI' "${bashProfile}" > /dev/null 2>&1
-if [ $? -ne 0 ]
-then
-echo "
-#OktaAWSCLI
-if [ -f \"${bash_functions}\" ]; then
- . \"${bash_functions}\"
-fi
-" >> "${bashProfile}"
-fi
+EOF
 
-# Suppress "Your profile name includes a 'profile ' prefix" warnings from AWS Java SDK (Resolves #233)
-loggingProperties="${HOME}/.okta/logging.properties"
-echo "com.amazonaws.auth.profile.internal.BasicProfileConfigLoader = NONE
-" > "${loggingProperties}"
+# Suppress "Your profile name includes a 'profile ' prefix" warnings
+# from AWS Java SDK (Resolves #233)
+loggingProperties="${PREFIX}/logging.properties"
+cat <<EOF >"${loggingProperties}"
+com.amazonaws.auth.profile.internal.BasicProfileConfigLoader = NONE
+EOF
+
+mkdir -p "${PREFIX}/bin"
 
 # Create withokta command
-echo '#!/bin/bash
+cat <<'EOF' >"${PREFIX}/bin/withokta"
+#!/bin/bash
 command="$1"
 profile=$2
 shift;
@@ -89,34 +140,63 @@ env OKTA_PROFILE=$profile java \
  -Djava.util.logging.config.file=~/.okta/logging.properties \
  -classpath ~/.okta/okta-aws-cli.jar \
  com.okta.tools.WithOkta $command $@
-' > "$PREFIX/bin/withokta"
-chmod +x "$PREFIX/bin/withokta"
+EOF
+chmod +x "${PREFIX}/bin/withokta"
 
 # Create okta-credential_process command
-echo '#!/bin/bash
+cat <<'EOF' >"${PREFIX}/bin/okta-credential_process"
+#!/bin/bash
 roleARN="$1"
 shift;
 env OKTA_AWS_ROLE_TO_ASSUME="$roleARN" \
  java -classpath ~/.okta/okta-aws-cli.jar com.okta.tools.CredentialProcess
-' > "$PREFIX/bin/okta-credential_process"
-chmod +x "$PREFIX/bin/okta-credential_process"
+EOF
+chmod +x "${PREFIX}/bin/okta-credential_process"
 
 # Create okta-listroles command
-echo '#!/bin/bash
+cat <<EOF >"${PREFIX}/bin/okta-listroles"
+#!/bin/bash
 java -classpath ~/.okta/okta-aws-cli.jar com.okta.tools.ListRoles
-' > "$PREFIX/bin/okta-listroles"
-chmod +x "$PREFIX/bin/okta-listroles"
+EOF
+chmod +x "${PREFIX}/bin/okta-listroles"
+
+# awscli
+cat <<'EOF' >"${PREFIX}/bin/awscli"
+#!/bin/bash
+java -Djava.util.logging.config.file=~/.okta/logging.properties \
+ -classpath ~/.okta/okta-aws-cli.jar \
+ com.okta.tools.awscli $@
+EOF
+chmod +x "${PREFIX}/bin/awscli"
 
 # Configure Okta AWS CLI
-oktaConfig="${HOME}/.okta/config.properties"
-grep '^#OktaAWSCLI' "${oktaConfig}" > /dev/null 2>&1
-if [ $? -ne 0 ]
-then
-echo "
+mkdir -p ${HOME}/.okta # `config.properties` must
+oktaConfig="${HOME}/.okta/config.properties" # reside in ~/.okta.
+if [[ -e "${oktaConfig}" ]]; then
+ echo "Found $(echo ${oktaConfig} | sed "s#$HOME#~#g")"
+else
+ echo "Creating example $(echo ${oktaConfig} | sed "s#$HOME#~#g")"
+ cat <<EOF >"${oktaConfig}"
 #OktaAWSCLI
 OKTA_ORG=acmecorp.okta.com.changeme.local
 OKTA_AWS_APP_URL=https://acmecorp.oktapreview.com.changeme.local/home/amazon_aws/0oa5zrwfs815KJmVF0h7/137
 OKTA_USERNAME=$env:USERNAME
 OKTA_BROWSER_AUTH=true
-" > "${oktaConfig}"
+EOF
+fi
+
+# Print advice for ~/.bash_profile
+shellstmt=$(cat <<EOF | sed "s#$HOME#\$HOME#g"
+#OktaAWSCLI
+if [[ -f "${bash_functions}" ]]; then
+ . "${bash_functions}"
+fi
+if [[ -d "${PREFIX}/bin" && ":\$PATH:" != *":${PREFIX}/bin:"* ]]; then
+ PATH="${PREFIX}/bin:\$PATH"
 fi
+EOF
+)
+echo
+echo "Add the following to ~/.bash_profile or ~/.profile:"
+echo
+echo "$shellstmt"