-
Notifications
You must be signed in to change notification settings - Fork 271
/
configuration.go
62 lines (49 loc) · 2.1 KB
/
configuration.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
package providers
import (
"errors"
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth"
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials"
)
var (
ErrNoValidCredentialsFound = errors.New("no valid credentials were found")
)
type Configuration struct {
AccessKeyID string
AccessKeySecret string
AccessKeyStsToken string
RoleArn string
RoleSessionName string
RoleSessionExpiration *int
PrivateKey string
PublicKeyID string
SessionExpiration *int
RoleName string
}
func NewConfigurationCredentialProvider(configuration *Configuration) Provider {
return &ConfigurationProvider{
Configuration: configuration,
}
}
type ConfigurationProvider struct {
Configuration *Configuration
}
// Retrieve walks through all currently supported credential types and attempts to build them
// using the given configuration.
func (p *ConfigurationProvider) Retrieve() (auth.Credential, error) {
if p.Configuration.AccessKeyID != "" && p.Configuration.AccessKeySecret != "" {
if p.Configuration.RoleArn != "" && p.Configuration.RoleSessionName != "" && p.Configuration.RoleSessionExpiration != nil {
return credentials.NewRamRoleArnCredential(p.Configuration.AccessKeyID, p.Configuration.AccessKeySecret, p.Configuration.RoleArn, p.Configuration.RoleSessionName, *p.Configuration.RoleSessionExpiration), nil
}
if p.Configuration.AccessKeyStsToken != "" {
return credentials.NewStsTokenCredential(p.Configuration.AccessKeyID, p.Configuration.AccessKeySecret, p.Configuration.AccessKeyStsToken), nil
}
return credentials.NewAccessKeyCredential(p.Configuration.AccessKeyID, p.Configuration.AccessKeySecret), nil
}
if p.Configuration.RoleName != "" {
return credentials.NewEcsRamRoleCredential(p.Configuration.RoleName), nil
}
if p.Configuration.PrivateKey != "" && p.Configuration.PublicKeyID != "" && p.Configuration.SessionExpiration != nil {
return credentials.NewRsaKeyPairCredential(p.Configuration.PrivateKey, p.Configuration.PublicKeyID, *p.Configuration.SessionExpiration), nil
}
return nil, ErrNoValidCredentialsFound
}