Refine search
@Override public AWSCredentials getCredentials() { String accessKey = System.getenv(ACCESS_KEY_ENV_VAR); if (accessKey == null) { accessKey = System.getenv(ALTERNATE_ACCESS_KEY_ENV_VAR); } String secretKey = System.getenv(SECRET_KEY_ENV_VAR); if (secretKey == null) { secretKey = System.getenv(ALTERNATE_SECRET_KEY_ENV_VAR); } accessKey = StringUtils.trim(accessKey); secretKey = StringUtils.trim(secretKey); String sessionToken = StringUtils.trim(System.getenv(AWS_SESSION_TOKEN_ENV_VAR)); if (StringUtils.isNullOrEmpty(accessKey) || StringUtils.isNullOrEmpty(secretKey)) { throw new SdkClientException( "Unable to load AWS credentials from environment variables " + "(" + ACCESS_KEY_ENV_VAR + " (or " + ALTERNATE_ACCESS_KEY_ENV_VAR + ") and " + SECRET_KEY_ENV_VAR + " (or " + ALTERNATE_SECRET_KEY_ENV_VAR + "))"); } return sessionToken == null ? new BasicAWSCredentials(accessKey, secretKey) : new BasicSessionCredentials(accessKey, secretKey, sessionToken); }
public AWSCredentials getCredentials() { if (sessionToken.isEmpty()) { return new BasicAWSCredentials(accessKey, secretKey); } else { return new BasicSessionCredentials(accessKey, secretKey, sessionToken); } } public void refresh() {}
new BasicSessionCredentials( credentials.getAccessKeyId(), credentials.getSecretAccessKey(),
private AWSSessionCredentials createSessionCredentials(Config config, SecretProvider secrets, BasicAWSCredentials baseCredential) { List<AcceptableUri> acceptableUris = buildAcceptableUriForSessionCredentials(config, baseCredential); if (!config.get("temp_credentials", Boolean.class, true)) { return new BasicSessionCredentials( baseCredential.getAWSAccessKeyId(), baseCredential.getAWSSecretKey(), null ); } AWSSessionCredentialsFactory sessionCredentialsFactory = new AWSSessionCredentialsFactory(baseCredential, acceptableUris); Optional<String> roleArn = getSecretOptionalValue(secrets, "role_arn"); if (roleArn.isPresent()) { sessionCredentialsFactory.withRoleArn(roleArn.get()); Optional<String> roleSessionName = secrets.getSecretOptional("role_session_name"); if (roleSessionName.isPresent()) { sessionCredentialsFactory.withRoleSessionName(roleSessionName.get()); } } Optional<Integer> durationSeconds = config.getOptional("session_duration", Integer.class); if (durationSeconds.isPresent()) { sessionCredentialsFactory.withDurationSeconds(durationSeconds.get()); } return sessionCredentialsFactory.get(); }
String accessKey = credentials.getAWSAccessKeyId(); String secretKey = credentials.getAWSSecretKey(); String sessionToken = credentials.getSessionToken();
sessionToken = ((BasicSessionCredentials) awsCredentialsProvider.getCredentials()).getSessionToken();
return new BasicSessionCredentials(accessKeyId, secretKey, token); return new BasicAWSCredentials(accessKeyId, secretKey);
/** * Returns immutable session credentials for this session, beginning a new one if necessary. */ public synchronized AWSSessionCredentials getImmutableCredentials() { Credentials creds = getSessionCredentials(); return new BasicSessionCredentials(creds.getAccessKeyId(), creds.getSecretAccessKey(), creds.getSessionToken()); }
@Override public Credentials get() { String identity = getIdentity() != null ? getIdentity().trim() : null; String credential = getCredential() != null ? getCredential().trim() : null; if (identity == null || identity.isEmpty() || credential == null || credential.isEmpty()) { DefaultAWSCredentialsProviderChain chain = new DefaultAWSCredentialsProviderChain(); AWSCredentials cred = chain.getCredentials(); if (cred instanceof BasicSessionCredentials) { BasicSessionCredentials sesCred = (BasicSessionCredentials)cred; return new SessionCredentials.Builder() .identity(sesCred.getAWSAccessKeyId()) .credential(sesCred.getAWSSecretKey()) .sessionToken(sesCred.getSessionToken()) .build(); } else { return new Credentials.Builder<>() .identity(cred.getAWSAccessKeyId()) .credential(cred.getAWSSecretKey()) .build(); } } return super.get(); } }
@Override public AWSCredentials getCredentials() { String accessKey = StringUtils.trim(System.getProperty(ACCESS_KEY_SYSTEM_PROPERTY)); String secretKey = StringUtils.trim(System.getProperty(SECRET_KEY_SYSTEM_PROPERTY)); String sessionToken = StringUtils.trim(System.getProperty(SESSION_TOKEN_SYSTEM_PROPERTY)); if (StringUtils.isNullOrEmpty(accessKey) || StringUtils.isNullOrEmpty(secretKey)) { throw new SdkClientException( "Unable to load AWS credentials from Java system " + "properties (" + ACCESS_KEY_SYSTEM_PROPERTY + " and " + SECRET_KEY_SYSTEM_PROPERTY + ")"); } if (StringUtils.isNullOrEmpty(sessionToken)) { return new BasicAWSCredentials(accessKey, secretKey); } else { return new BasicSessionCredentials(accessKey, secretKey, sessionToken); } }
private static void applicationCredentials(Config conf, String serviceName, Consumer<AWSCredentialsProvider> consumer) { String accessKey = find(conf, "aws." + serviceName + "." + ACCESS_KEY, "aws." + ACCESS_KEY); if (accessKey != null) { String secretKey = find(conf, "aws." + serviceName + "." + SECRET_KEY, "aws." + SECRET_KEY); String sessionToken = find(conf, "aws." + serviceName + "." + SESSION_TOKEN, "aws." + SESSION_TOKEN); AWSCredentials credentials = sessionToken == null ? new BasicAWSCredentials(accessKey, secretKey) : new BasicSessionCredentials(accessKey, secretKey, sessionToken); consumer.accept(new AWSStaticCredentialsProvider(credentials)); } }
SessionCredentialsHolder(Credentials credentials) { this.sessionCredentials = new BasicSessionCredentials(credentials.getAccessKeyId(), credentials.getSecretAccessKey(), credentials.getSessionToken()); this.sessionCredentialsExpiration = credentials.getExpiration(); }
@Test public void useSession() { BasicSessionCredentials sessionCredentials = getSessionCredentials(); ConfigSource config = this.config.deepCopy() .set("auth_method", "session") .set("access_key_id", sessionCredentials.getAWSAccessKeyId()) .set("secret_access_key", sessionCredentials.getAWSSecretKey()) .set("session_token", sessionCredentials.getSessionToken()); doTest(config); }
throw new SdkClientException("Unable to load credentials."); credentials = new BasicSessionCredentials(accessKey.asText(), secretKey.asText(), token.asText()); } else { credentials = new BasicAWSCredentials(accessKey.asText(), secretKey.asText());
/** * Parse the process output to retrieve the credentials. */ private AWSCredentials credentials(JsonNode credentialsJson) { String accessKeyId = getText(credentialsJson, "AccessKeyId"); String secretAccessKey = getText(credentialsJson, "SecretAccessKey"); String sessionToken = getText(credentialsJson, "SessionToken"); ValidationUtils.assertStringNotEmpty(accessKeyId, "AccessKeyId"); ValidationUtils.assertStringNotEmpty(accessKeyId, "SecretAccessKey"); if (sessionToken != null) { return new BasicSessionCredentials(accessKeyId, secretAccessKey, sessionToken); } else { return new BasicAWSCredentials(accessKeyId, secretAccessKey); } }
/** * Starts a new session by sending a request to the AWS Security Token * Service (STS) with the long lived AWS credentials. This class then vends * the short lived session credentials sent back from STS. */ private void startSession() { AssumeRoleWithWebIdentityResult sessionTokenResult = securityTokenService .assumeRoleWithWebIdentity(new AssumeRoleWithWebIdentityRequest().withWebIdentityToken(wifToken) .withProviderId(wifProvider) .withRoleArn(roleArn) .withRoleSessionName("ProviderSession") .withDurationSeconds(this.sessionDuration)); Credentials stsCredentials = sessionTokenResult.getCredentials(); subjectFromWIF = sessionTokenResult.getSubjectFromWebIdentityToken(); sessionCredentials = new BasicSessionCredentials( stsCredentials.getAccessKeyId(), stsCredentials.getSecretAccessKey(), stsCredentials.getSessionToken()); sessionCredentialsExpiration = stsCredentials.getExpiration(); }
@SuppressWarnings("unchecked") @Override public PutObjectResult answer(InvocationOnMock invocation) throws Throwable { AmazonS3Client amazonS3Client = invocation.getArgument(1); AWSCredentialsProviderChain awsCredentialsProviderChain = (AWSCredentialsProviderChain) ReflectionTestUtils.getField(amazonS3Client, "awsCredentialsProvider"); List<AWSCredentialsProvider> credentialsProviders = (List<AWSCredentialsProvider>) ReflectionTestUtils.getField(awsCredentialsProviderChain, "credentialsProviders"); assertEquals(2, credentialsProviders.size()); // refresh() does nothing, but gives code coverage credentialsProviders.get(0).refresh(); /* * We can't inspect the field directly since the class definition is private. * Instead we call the getCredentials() and verify that it returns the credentials staged as part of this test. */ AWSCredentials credentials = awsCredentialsProviderChain.getCredentials(); assertEquals(BasicSessionCredentials.class, credentials.getClass()); BasicSessionCredentials basicSessionCredentials = (BasicSessionCredentials) credentials; assertEquals(awsAccessKey, basicSessionCredentials.getAWSAccessKeyId()); assertEquals(awsSecretKey, basicSessionCredentials.getAWSSecretKey()); assertEquals(awsSessionToken, basicSessionCredentials.getSessionToken()); return new PutObjectResult(); } });
private AWSCredentials fromStaticCredentials() { if (StringUtils.isNullOrEmpty(profile.getAwsAccessIdKey())) { throw new SdkClientException(String.format( "Unable to load credentials into profile [%s]: AWS Access Key ID is not specified.", profile.getProfileName())); } if (StringUtils.isNullOrEmpty(profile.getAwsSecretAccessKey())) { throw new SdkClientException(String.format( "Unable to load credentials into profile [%s]: AWS Secret Access Key is not specified.", profile.getAwsSecretAccessKey())); } if (profile.getAwsSessionToken() == null) { return new BasicAWSCredentials(profile.getAwsAccessIdKey(), profile.getAwsSecretAccessKey()); } else { if (profile.getAwsSessionToken().isEmpty()) { throw new SdkClientException(String.format( "Unable to load credentials into profile [%s]: AWS Session Token is empty.", profile.getProfileName())); } return new BasicSessionCredentials(profile.getAwsAccessIdKey(), profile.getAwsSecretAccessKey(), profile.getAwsSessionToken()); } }
/** * Loads the individual access key ID and secret key from the specified * credentials and trimming any extra whitespace from the credentials. * * @param credentials AWSCredentials to be sanitized. * @return A new credentials object with the sanitized credentials. */ AWSCredentials sanitizeCredentials(AWSCredentials credentials) { String accessKeyId = null; String secretKey = null; String token = null; accessKeyId = credentials.getAWSAccessKeyId(); secretKey = credentials.getAWSSecretKey(); if (credentials instanceof AWSSessionCredentials) { token = ((AWSSessionCredentials) credentials).getSessionToken(); } if (secretKey != null) { secretKey = secretKey.trim(); } if (accessKeyId != null) { accessKeyId = accessKeyId.trim(); } if (token != null) { token = token.trim(); } if (credentials instanceof AWSSessionCredentials) { return new BasicSessionCredentials(accessKeyId, secretKey, token); } return new BasicAWSCredentials(accessKeyId, secretKey); }
/** * Load the credentials from prefs */ void loadCachedCredentials() { Log.d(TAG, "Loading credentials from SharedPreferences"); sessionCredentialsExpiration = new Date(prefs.getLong(namespace(EXP_KEY), 0)); // make sure we have valid data in prefs boolean hasAK = prefs.contains(namespace(AK_KEY)); boolean hasSK = prefs.contains(namespace(SK_KEY)); boolean hasST = prefs.contains(namespace(ST_KEY)); if (!hasAK || !hasSK || !hasST) { Log.d(TAG, "No valid credentials found in SharedPreferences"); sessionCredentialsExpiration = null; return; } String AK = prefs.getString(namespace(AK_KEY), null); String SK = prefs.getString(namespace(SK_KEY), null); String ST = prefs.getString(namespace(ST_KEY), null); sessionCredentials = new BasicSessionCredentials(AK, SK, ST); }