Example 1 with BasicSessionCredentials
use of com.amazonaws.auth.BasicSessionCredentials in project herd by FINRAOS.
the class S3DaoTest method testGetAWSCredentialsProviderAssertAdditionalProviderIsSet.
/**
* A case where additional credentials provider is given in the request params. The credentials returned should be an AWS session credential where the
* values are from the provided custom credentials provider.
*/
@Test
public void testGetAWSCredentialsProviderAssertAdditionalProviderIsSet() throws Exception {
S3Operations originalS3Operations = (S3Operations) ReflectionTestUtils.getField(s3Dao, "s3Operations");
S3Operations mockS3Operations = mock(S3Operations.class);
ReflectionTestUtils.setField(s3Dao, "s3Operations", mockS3Operations);
try {
String s3BucketName = "s3BucketName";
String s3KeyPrefix = "s3KeyPrefix";
String awsAccessKey = "awsAccessKey";
String awsSecretKey = "awsSecretKey";
String awsSessionToken = "awsSessionToken";
S3FileTransferRequestParamsDto s3FileTransferRequestParamsDto = new S3FileTransferRequestParamsDto();
s3FileTransferRequestParamsDto.setS3BucketName(s3BucketName);
s3FileTransferRequestParamsDto.setS3KeyPrefix(s3KeyPrefix);
s3FileTransferRequestParamsDto.setAdditionalAwsCredentialsProviders(Arrays.asList(new HerdAWSCredentialsProvider() {
@Override
public AwsCredential getAwsCredential() {
return new AwsCredential(awsAccessKey, awsSecretKey, awsSessionToken, null);
}
}));
when(mockS3Operations.putObject(any(), any())).then(new Answer<PutObjectResult>() {
@SuppressWarnings("unchecked")
@Override
public PutObjectResult answer(InvocationOnMock invocation) throws Throwable {
AmazonS3Client amazonS3Client = invocation.getArgument(1);
AWSCredentialsProviderChain awsCredentialsProviderChain = (AWSCredentialsProviderChain) ReflectionTestUtils.getField(amazonS3Client, "awsCredentialsProvider");
List<AWSCredentialsProvider> credentialsProviders = (List<AWSCredentialsProvider>) ReflectionTestUtils.getField(awsCredentialsProviderChain, "credentialsProviders");
assertEquals(2, credentialsProviders.size());
// refresh() does nothing, but gives code coverage
credentialsProviders.get(0).refresh();
/*
* We can't inspect the field directly since the class definition is private.
* Instead we call the getCredentials() and verify that it returns the credentials staged as part of this test.
*/
AWSCredentials credentials = awsCredentialsProviderChain.getCredentials();
assertEquals(BasicSessionCredentials.class, credentials.getClass());
BasicSessionCredentials basicSessionCredentials = (BasicSessionCredentials) credentials;
assertEquals(awsAccessKey, basicSessionCredentials.getAWSAccessKeyId());
assertEquals(awsSecretKey, basicSessionCredentials.getAWSSecretKey());
assertEquals(awsSessionToken, basicSessionCredentials.getSessionToken());
return new PutObjectResult();
}
});
s3Dao.createDirectory(s3FileTransferRequestParamsDto);
} finally {
ReflectionTestUtils.setField(s3Dao, "s3Operations", originalS3Operations);
}
}
Also used :
BasicSessionCredentials(com.amazonaws.auth.BasicSessionCredentials)
S3FileTransferRequestParamsDto(org.finra.herd.model.dto.S3FileTransferRequestParamsDto)
PutObjectResult(com.amazonaws.services.s3.model.PutObjectResult)
AWSCredentials(com.amazonaws.auth.AWSCredentials)
DefaultAWSCredentialsProviderChain(com.amazonaws.auth.DefaultAWSCredentialsProviderChain)
AWSCredentialsProviderChain(com.amazonaws.auth.AWSCredentialsProviderChain)
HerdAWSCredentialsProvider(org.finra.herd.model.dto.HerdAWSCredentialsProvider)
AmazonS3Client(com.amazonaws.services.s3.AmazonS3Client)
InvocationOnMock(org.mockito.invocation.InvocationOnMock)
List(java.util.List)
ArrayList(java.util.ArrayList)
AwsCredential(org.finra.herd.model.api.xml.AwsCredential)
HerdAWSCredentialsProvider(org.finra.herd.model.dto.HerdAWSCredentialsProvider)
AWSCredentialsProvider(com.amazonaws.auth.AWSCredentialsProvider)
Test(org.junit.Test)
Example 2 with BasicSessionCredentials
use of com.amazonaws.auth.BasicSessionCredentials in project Gatekeeper by FINRAOS.
the class AwsSessionService method getFreshCredentials.
private BasicSessionCredentials getFreshCredentials(AWSEnvironment environment) throws GatekeeperException {
logger.info("Assuming role for environment " + environment.getAccount() + " on region " + environment.getRegion() + " with timeout of " + (sessionTimeout / 1000) + " seconds (with " + (sessionTimeoutPad / 1000) + " padding.)");
AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(getRoleArn(environment.getAccount())).withDurationSeconds((sessionTimeout + sessionTimeoutPad) / 1000).withRoleSessionName("GATEKEEPER_APP");
AssumeRoleResult assumeResult = awsSecurityTokenServiceClient.assumeRole(assumeRequest);
return new BasicSessionCredentials(assumeResult.getCredentials().getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(), assumeResult.getCredentials().getSessionToken());
}
Also used :
AssumeRoleRequest(com.amazonaws.services.securitytoken.model.AssumeRoleRequest)
BasicSessionCredentials(com.amazonaws.auth.BasicSessionCredentials)
AssumeRoleResult(com.amazonaws.services.securitytoken.model.AssumeRoleResult)
Example 3 with BasicSessionCredentials
use of com.amazonaws.auth.BasicSessionCredentials in project cloudbreak by hortonworks.
the class AwsSessionCredentialClient method retrieveSessionCredentials.
public BasicSessionCredentials retrieveSessionCredentials(AwsCredentialView awsCredential) {
LOGGER.debug("retrieving session credential");
AWSSecurityTokenServiceClient client = awsSecurityTokenServiceClient();
AssumeRoleRequest assumeRoleRequest = new AssumeRoleRequest().withDurationSeconds(DEFAULT_SESSION_CREDENTIALS_DURATION).withExternalId(externalId).withRoleArn(awsCredential.getRoleArn()).withRoleSessionName("hadoop-provisioning");
AssumeRoleResult result = client.assumeRole(assumeRoleRequest);
return new BasicSessionCredentials(result.getCredentials().getAccessKeyId(), result.getCredentials().getSecretAccessKey(), result.getCredentials().getSessionToken());
}
Also used :
AssumeRoleRequest(com.amazonaws.services.securitytoken.model.AssumeRoleRequest)
BasicSessionCredentials(com.amazonaws.auth.BasicSessionCredentials)
AWSSecurityTokenServiceClient(com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient)
AssumeRoleResult(com.amazonaws.services.securitytoken.model.AssumeRoleResult)
Example 4 with BasicSessionCredentials
use of com.amazonaws.auth.BasicSessionCredentials in project beam by apache.
the class AwsModuleTest method testAWSStaticCredentialsProviderSerializationDeserialization.
@Test
public void testAWSStaticCredentialsProviderSerializationDeserialization() throws Exception {
AWSCredentialsProvider credentialsProvider = new AWSStaticCredentialsProvider(new BasicAWSCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
String serializedCredentialsProvider = serialize(credentialsProvider);
AWSCredentialsProvider deserializedCredentialsProvider = deserializeCredentialsProvider(serializedCredentialsProvider);
checkStaticBasicCredentials(deserializedCredentialsProvider);
credentialsProvider = new AWSStaticCredentialsProvider(new BasicSessionCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY, SESSION_TOKEN));
checkStaticSessionCredentials(credentialsProvider);
}
Also used :
AWSStaticCredentialsProvider(com.amazonaws.auth.AWSStaticCredentialsProvider)
BasicSessionCredentials(com.amazonaws.auth.BasicSessionCredentials)
AWSCredentialsProvider(com.amazonaws.auth.AWSCredentialsProvider)
BasicAWSCredentials(com.amazonaws.auth.BasicAWSCredentials)
Test(org.junit.Test)
Example 5 with BasicSessionCredentials
use of com.amazonaws.auth.BasicSessionCredentials in project beam by apache.
the class AwsSerializableUtilsTest method testStaticSessionCredentialsProviderSerialization.
@Test
public void testStaticSessionCredentialsProviderSerialization() {
AWSCredentialsProvider credentialsProvider = new AWSStaticCredentialsProvider(new BasicSessionCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY, SESSION_TOKEN));
String serializedCredentials = serialize(credentialsProvider);
checkStaticSessionCredentials(deserialize(serializedCredentials));
}
Also used :
AWSStaticCredentialsProvider(com.amazonaws.auth.AWSStaticCredentialsProvider)
BasicSessionCredentials(com.amazonaws.auth.BasicSessionCredentials)
AWSCredentialsProvider(com.amazonaws.auth.AWSCredentialsProvider)
Test(org.junit.Test)
Aggregations
BasicSessionCredentials (com.amazonaws.auth.BasicSessionCredentials)27
AWSStaticCredentialsProvider (com.amazonaws.auth.AWSStaticCredentialsProvider)8
BasicAWSCredentials (com.amazonaws.auth.BasicAWSCredentials)8
Credentials (com.amazonaws.services.securitytoken.model.Credentials)6
AWSCredentials (com.amazonaws.auth.AWSCredentials)5
AmazonS3Client (com.amazonaws.services.s3.AmazonS3Client)5
Test (org.junit.Test)5
AWSCredentialsProvider (com.amazonaws.auth.AWSCredentialsProvider)4
AssumeRoleRequest (com.amazonaws.services.securitytoken.model.AssumeRoleRequest)4
AssumeRoleResult (com.amazonaws.services.securitytoken.model.AssumeRoleResult)4
AmazonServiceException (com.amazonaws.AmazonServiceException)3
ClientConfiguration (com.amazonaws.ClientConfiguration)3
SdkClientException (com.amazonaws.SdkClientException)3
AmazonS3 (com.amazonaws.services.s3.AmazonS3)3
AmazonClientException (com.amazonaws.AmazonClientException)2
ProfileCredentialsProvider (com.amazonaws.auth.profile.ProfileCredentialsProvider)2
ObjectListing (com.amazonaws.services.s3.model.ObjectListing)2
AWSSecurityTokenService (com.amazonaws.services.securitytoken.AWSSecurityTokenService)2
IOException (java.io.IOException)2
AWSCredentialsProviderChain (com.amazonaws.auth.AWSCredentialsProviderChain)1
