Add config option to output otp-code only

[posquit0]

Summary

• otp --password, -o #1150
• I need to output otp password only as default.
• aws-vault supports pass for MFA prompt. But I cannot use gopass for MFA prompt of aws-vault with following error.

2021/10/24 17:56:05 aws-vault 6.3.1-Homebrew
2021/10/24 17:56:05 Loading config file /Users/claud/.aws/config
2021/10/24 17:56:05 Parsing config file /Users/claud/.aws/config
2021/10/24 17:56:05 [keyring] Considering backends: [pass]
2021/10/24 17:56:05 profile claud: using stored credentials
2021/10/24 17:56:05 profile claud: using GetSessionToken (with MFA)
2021/10/24 17:56:05 Fetching MFA code using `pass otp arn:aws:iam::xxxxxxxxxxxx:mfa/xxxxxxxxxxxxx`
2021/10/24 17:56:05 Using STS endpoint https://sts.ap-northeast-2.amazonaws.com
2021/10/24 17:56:05 Looking up keyring for 'claud'
aws-vault: error: exec: Failed to get credentials for claud: ValidationError: 2 validation errors detected: Value '976249 lasts 24s 	|------========================|' at 'tokenCode' failed to satisfy constraint: Member must have length less than or equal to 6; Value '976249 lasts 24s 	|------========================|' at 'tokenCode' failed to satisfy constraint: Member must satisfy regular expression pattern: [\d]*
	status code: 400, request id: 5a48f167-36d6-4b7f-97ce-1cdededc9f5c

[AnomalRoil]

Please, could you test your use-case with aws-vault using this branch: https://github.com/AnomalRoil/gopass/tree/fix-2017

[posquit0]

Sorry for late. It seems working..!! 👍🏼 👍🏼

> aws-vault exec claud --debug -- aws sts get-caller-identity
2021/10/30 00:53:30 aws-vault 6.3.1-Homebrew
2021/10/30 00:53:30 Loading config file /Users/claud/.aws/config
2021/10/30 00:53:30 Parsing config file /Users/claud/.aws/config
2021/10/30 00:53:30 [keyring] Considering backends: [pass]
2021/10/30 00:53:30 profile claud: using stored credentials
2021/10/30 00:53:30 profile claud: using GetSessionToken (with MFA)
2021/10/30 00:53:30 Fetching MFA code using `pass otp arn:aws:iam::xxxxxxxxxxxxxxx:mfa/claud`
2021/10/30 00:53:30 Using STS endpoint https://sts.ap-northeast-2.amazonaws.com
2021/10/30 00:53:30 Looking up keyring for 'claud'
2021/10/30 00:53:31 Generated credentials ****************xxx using GetSessionToken, expires in 59m59.768193s
2021/10/30 00:53:34 Setting subprocess env: AWS_DEFAULT_REGION=ap-northeast-2, AWS_REGION=ap-northeast-2
2021/10/30 00:53:34 Setting subprocess env: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
2021/10/30 00:53:34 Setting subprocess env: AWS_SESSION_TOKEN, AWS_SECURITY_TOKEN
2021/10/30 00:53:34 Setting subprocess env: AWS_SESSION_EXPIRATION
2021/10/30 00:53:34 Exec command aws sts get-caller-identity
2021/10/30 00:53:34 Found executable /usr/local/bin/aws
{
    "UserId": "xxxxxxxxxxx",
    "Account": "xxxxxxxxx",
    "Arn": "arn:aws:iam::7xxxxxxxxx:user/xxxxxxxxx"
}

thank you so much!