Search in sources :

Example 16 with ProfileFile

use of software.amazon.awssdk.profiles.ProfileFile in project aws-sdk-java-v2 by aws.

the class ProfileCredentialsUtilsTest method profileWithBothCredentialSourceAndSourceProfileThrowsException.

@Test
public void profileWithBothCredentialSourceAndSourceProfileThrowsException() {
    ProfileFile configFile = configFile("[profile test]\n" + "source_profile=source\n" + "credential_source=Environment\n" + "role_arn=arn:aws:iam::123456789012:role/testRole3\n" + "\n" + "[profile source]\n" + "aws_access_key_id=defaultAccessKey\n" + "aws_secret_access_key=defaultSecretAccessKey");
    assertThatThrownBy(() -> new ProfileCredentialsUtils(configFile, configFile.profile("test").get(), configFile::profile).credentialsProvider()).isInstanceOf(IllegalStateException.class).hasMessageContaining("Invalid profile file: profile has both source_profile and credential_source.");
}
Also used : ProfileFile(software.amazon.awssdk.profiles.ProfileFile) Test(org.junit.jupiter.api.Test) ProcessCredentialsProviderTest(software.amazon.awssdk.auth.credentials.ProcessCredentialsProviderTest)

Example 17 with ProfileFile

use of software.amazon.awssdk.profiles.ProfileFile in project aws-sdk-java-v2 by aws.

the class ProfileCredentialsUtilsTest method roleProfileWithMissingSourceThrowsException.

@Test
public void roleProfileWithMissingSourceThrowsException() {
    ProfileFile profileFile = configFile("[profile test]\n" + "source_profile=source\n" + "role_arn=arn:aws:iam::123456789012:role/testRole");
    assertThatThrownBy(new ProfileCredentialsUtils(profileFile, profileFile.profile("test").get(), profileFile::profile)::credentialsProvider).hasMessageContaining("source profile has no credentials configured.");
}
Also used : ProfileFile(software.amazon.awssdk.profiles.ProfileFile) Test(org.junit.jupiter.api.Test) ProcessCredentialsProviderTest(software.amazon.awssdk.auth.credentials.ProcessCredentialsProviderTest)

Example 18 with ProfileFile

use of software.amazon.awssdk.profiles.ProfileFile in project aws-sdk-java-v2 by aws.

the class ProfileCredentialsUtilsTest method roleProfileCanInheritFromAnotherFile.

@Test
public void roleProfileCanInheritFromAnotherFile() {
    String sourceProperties = "aws_access_key_id=defaultAccessKey\n" + "aws_secret_access_key=defaultSecretAccessKey";
    String childProperties = "source_profile=source\n" + "role_arn=arn:aws:iam::123456789012:role/testRole";
    String configSource = "[profile source]\n" + sourceProperties;
    String credentialsSource = "[source]\n" + sourceProperties;
    String configChild = "[profile child]\n" + childProperties;
    String credentialsChild = "[child]\n" + childProperties;
    ProfileFile sourceProfile = aggregateFileProfiles(configSource, credentialsChild);
    ProfileFile configProfile = aggregateFileProfiles(configChild, credentialsSource);
    Consumer<ProfileFile> profileValidator = profileFile -> assertThatThrownBy(new ProfileCredentialsUtils(profileFile, profileFile.profiles().get("child"), profileFile::profile)::credentialsProvider).hasMessageContaining("the 'sts' service module must be on the class path");
    assertThat(sourceProfile).satisfies(profileValidator);
    assertThat(configProfile).satisfies(profileValidator);
}
Also used : ProfileFile(software.amazon.awssdk.profiles.ProfileFile) Arrays(java.util.Arrays) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) AwsSessionCredentials(software.amazon.awssdk.auth.credentials.AwsSessionCredentials) File(java.io.File) Consumer(java.util.function.Consumer) AfterAll(org.junit.jupiter.api.AfterAll) Test(org.junit.jupiter.api.Test) List(java.util.List) StringInputStream(software.amazon.awssdk.utils.StringInputStream) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) BeforeAll(org.junit.jupiter.api.BeforeAll) ProcessCredentialsProviderTest(software.amazon.awssdk.auth.credentials.ProcessCredentialsProviderTest) ProfileProperty(software.amazon.awssdk.profiles.ProfileProperty) AwsBasicCredentials(software.amazon.awssdk.auth.credentials.AwsBasicCredentials) ProfileFile(software.amazon.awssdk.profiles.ProfileFile) Test(org.junit.jupiter.api.Test) ProcessCredentialsProviderTest(software.amazon.awssdk.auth.credentials.ProcessCredentialsProviderTest)

Example 19 with ProfileFile

use of software.amazon.awssdk.profiles.ProfileFile in project aws-sdk-java-v2 by aws.

the class ProfileCredentialsUtils method roleAndSourceProfileBasedProfileCredentialsProvider.

/**
 * Load an assumed-role credentials provider that has been configured in this profile. This will attempt to locate the STS
 * module in order to generate the credentials provider. If it's not available, an illegal state exception will be raised.
 *
 * @param children The child profiles that source credentials from this profile.
 */
private AwsCredentialsProvider roleAndSourceProfileBasedProfileCredentialsProvider(Set<String> children) {
    requireProperties(ProfileProperty.SOURCE_PROFILE);
    Validate.validState(!children.contains(name), "Invalid profile file: Circular relationship detected with profiles %s.", children);
    Validate.validState(credentialsSourceResolver != null, "The profile '%s' must be configured with a source profile in order to use assumed roles.", name);
    children.add(name);
    AwsCredentialsProvider sourceCredentialsProvider = credentialsSourceResolver.apply(properties.get(ProfileProperty.SOURCE_PROFILE)).flatMap(p -> new ProfileCredentialsUtils(profileFile, p, credentialsSourceResolver).credentialsProvider(children)).orElseThrow(this::noSourceCredentialsException);
    return stsCredentialsProviderFactory().create(sourceCredentialsProvider, profile);
}
Also used : ProfileFile(software.amazon.awssdk.profiles.ProfileFile) Arrays(java.util.Arrays) AwsCredentialsProviderChain(software.amazon.awssdk.auth.credentials.AwsCredentialsProviderChain) SdkAutoCloseable(software.amazon.awssdk.utils.SdkAutoCloseable) AwsCredentialsProvider(software.amazon.awssdk.auth.credentials.AwsCredentialsProvider) ProfileCredentialsProviderFactory(software.amazon.awssdk.auth.credentials.ProfileCredentialsProviderFactory) ClassLoaderHelper(software.amazon.awssdk.core.internal.util.ClassLoaderHelper) AwsSessionCredentials(software.amazon.awssdk.auth.credentials.AwsSessionCredentials) StaticCredentialsProvider(software.amazon.awssdk.auth.credentials.StaticCredentialsProvider) SystemPropertyCredentialsProvider(software.amazon.awssdk.auth.credentials.SystemPropertyCredentialsProvider) Function(java.util.function.Function) HashSet(java.util.HashSet) Profile(software.amazon.awssdk.profiles.Profile) Map(java.util.Map) ProfileProperty(software.amazon.awssdk.profiles.ProfileProperty) Path(java.nio.file.Path) Validate(software.amazon.awssdk.utils.Validate) EnvironmentVariableCredentialsProvider(software.amazon.awssdk.auth.credentials.EnvironmentVariableCredentialsProvider) AwsCredentials(software.amazon.awssdk.auth.credentials.AwsCredentials) Set(java.util.Set) ProcessCredentialsProvider(software.amazon.awssdk.auth.credentials.ProcessCredentialsProvider) InvocationTargetException(java.lang.reflect.InvocationTargetException) Paths(java.nio.file.Paths) ChildProfileCredentialsProviderFactory(software.amazon.awssdk.auth.credentials.ChildProfileCredentialsProviderFactory) Optional(java.util.Optional) ContainerCredentialsProvider(software.amazon.awssdk.auth.credentials.ContainerCredentialsProvider) SdkInternalApi(software.amazon.awssdk.annotations.SdkInternalApi) AwsBasicCredentials(software.amazon.awssdk.auth.credentials.AwsBasicCredentials) InstanceProfileCredentialsProvider(software.amazon.awssdk.auth.credentials.InstanceProfileCredentialsProvider) AwsCredentialsProvider(software.amazon.awssdk.auth.credentials.AwsCredentialsProvider)

Example 20 with ProfileFile

use of software.amazon.awssdk.profiles.ProfileFile in project aws-sdk-java-v2 by aws.

the class ProfileCredentialsProviderTest method profileWithWebIdentityToken.

@Test
public void profileWithWebIdentityToken() {
    String token = "/User/home/test";
    ProfileFile file = profileFile("[default]\n" + "aws_access_key_id = defaultAccessKey\n" + "aws_secret_access_key = defaultSecretAccessKey\n" + "web_identity_token_file = " + token);
    assertThat(file.profile("default").get().property(ProfileProperty.WEB_IDENTITY_TOKEN_FILE).get()).isEqualTo(token);
}
Also used : ProfileFile(software.amazon.awssdk.profiles.ProfileFile) Test(org.junit.jupiter.api.Test)

Aggregations

ProfileFile (software.amazon.awssdk.profiles.ProfileFile)47 Test (org.junit.jupiter.api.Test)22 StringInputStream (software.amazon.awssdk.utils.StringInputStream)20 Test (org.junit.Test)14 ProcessCredentialsProviderTest (software.amazon.awssdk.auth.credentials.ProcessCredentialsProviderTest)11 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)9 ProfileCredentialsUtils (software.amazon.awssdk.auth.credentials.internal.ProfileCredentialsUtils)9 Region (software.amazon.awssdk.regions.Region)9 Assertions.assertThatThrownBy (org.assertj.core.api.Assertions.assertThatThrownBy)8 URI (java.net.URI)7 Optional (java.util.Optional)6 Arrays (java.util.Arrays)5 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)5 AwsCredentials (software.amazon.awssdk.auth.credentials.AwsCredentials)5 ExecutionInterceptor (software.amazon.awssdk.core.interceptor.ExecutionInterceptor)5 Profile (software.amazon.awssdk.profiles.Profile)5 SdkAutoCloseable (software.amazon.awssdk.utils.SdkAutoCloseable)5 ArrayList (java.util.ArrayList)4 Map (java.util.Map)4 AwsBasicCredentials (software.amazon.awssdk.auth.credentials.AwsBasicCredentials)4