From 02fb5ee319f842d98a08db43704b57101011b2b4 Mon Sep 17 00:00:00 2001
From: Chase <chaseadwagoner@gmail.com>
Date: Thu, 29 Oct 2020 23:59:20 -0700
Subject: [PATCH] Add Okta org scope to keyring entries

---
 gimme_aws_creds/okta.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/gimme_aws_creds/okta.py b/gimme_aws_creds/okta.py
index c7c21cd0..8007c021 100644
--- a/gimme_aws_creds/okta.py
+++ b/gimme_aws_creds/okta.py
@@ -354,7 +354,7 @@ def _login_username_password(self, state_token, url):
                 if self.KEYRING_ENABLED:
                     try:
                         self.ui.info("Stored password is invalid, clearing.  Please try again")
-                        keyring.delete_password(self.KEYRING_SERVICE, creds['username'])
+                        keyring.delete_password(self.KEYRING_SERVICE, self._keyring_username)
                     except PasswordDeleteError:
                         pass
             raise errors.GimmeAWSCredsError(
@@ -857,6 +857,10 @@ def _build_factor_name(self, factor):
         else:
             return "Unknown MFA type: " + factor['factorType']
 
+    @property
+    def _keyring_username(self):
+        return self._username + " @ " + self._okta_org_url
+
     def _get_username_password_creds(self):
         """Get's creds for Okta login from the user."""
 
@@ -869,7 +873,7 @@ def _get_username_password_creds(self):
         if not password and self.KEYRING_ENABLED:
             try:
                 # If the OS supports a keyring, offer to save the password
-                password = keyring.get_password(self.KEYRING_SERVICE, username)
+                password = keyring.get_password(self.KEYRING_SERVICE, self._keyring_username)
                 self.ui.info("Using password from keyring for {}".format(username))
             except RuntimeError:
                 self.ui.warning("Unable to get password from keyring.")
@@ -886,7 +890,7 @@ def _get_username_password_creds(self):
                 # If the OS supports a keyring, offer to save the password
                 if self.ui.input("Do you want to save this password in the keyring? (y/N) ") == 'y':
                     try:
-                        keyring.set_password(self.KEYRING_SERVICE, username, password)
+                        keyring.set_password(self.KEYRING_SERVICE, self._keyring_username, password)
                         self.ui.info("Password for {} saved in keyring.".format(username))
                     except RuntimeError as err:
                         self.ui.warning("Failed to save password in keyring: " + str(err))