Skip to content

Commit

Permalink
Merge pull request #15258 from iterate-ch/bugfix/GH-15257
Browse files Browse the repository at this point in the history 
Fix #15257.
  • Loading branch information
@dkocher
dkocher committed Oct 25, 2023
2 parents b2187b7 + 9584886 commit b5a6d83
Show file tree
Hide file tree
Showing 4 changed files with 28 additions and 1 deletion.
3 changes: 2 additions & 1 deletion s3/src/main/java/ch/cyberduck/core/s3/S3CredentialsConfigurator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -238,7 +238,8 @@ else if(!profiles.containsKey(basicProfile.getRoleSourceProfile())) {
return credentials;
}
return credentials.withTokens(new TemporaryAccessTokens(
cached.accessKey, cached.secretKey, cached.sessionToken, Long.valueOf(cached.expiration)));
cached.accessKey, cached.secretKey, cached.sessionToken,
Instant.parse(cached.expiration).toEpochMilli()));
}
if(tokenCode != null) {
// Obtain session token
Expand Down
11 changes: 11 additions & 0 deletions s3/src/test/java/ch/cyberduck/core/s3/S3CredentialsConfiguratorTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,4 +56,15 @@ public void readSuccessForValidAWSCredentialsProfileEntry() throws Exception {
assertEquals("EXAMPLESECRETKEY", verify.getTokens().getSecretAccessKey());
assertEquals("EXAMPLETOKEN", verify.getTokens().getSessionToken());
}

@Test
public void readSSOCachedTemporaryTokens() throws Exception {
final Credentials verify = new S3CredentialsConfigurator(LocalFactory.get(new File("src/test/resources/valid/.aws").getAbsolutePath())
, new DisabledX509TrustManager(), new DefaultX509KeyManager(), new DisabledPasswordCallback())
.reload().configure(new Host(new TestProtocol(), StringUtils.EMPTY, new Credentials("ReadOnlyAccess-189584543480")));
assertEquals("TESTACCESSKEY", verify.getTokens().getAccessKeyId());
assertEquals("TESTSECRETKEY", verify.getTokens().getSecretAccessKey());
assertEquals("TESTSESSIONTOKEN", verify.getTokens().getSessionToken());
assertEquals(3497005724000L, verify.getTokens().getExpiryInMilliseconds(), 0L);
}
}
9 changes: 9 additions & 0 deletions s3/src/test/resources/valid/.aws/cli/cache/f9eb64cf0dc746e9fe1398f73dcae2d212b24f5a.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
{
"ProviderType": "sso",
"Credentials": {
"AccessKeyId": "TESTACCESSKEY",
"SecretAccessKey": "TESTSECRETKEY",
"SessionToken": "TESTSESSIONTOKEN",
"Expiration": "2080-10-24T14:28:44Z"
}
}
6 changes: 6 additions & 0 deletions s3/src/test/resources/valid/.aws/config
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
[profile ReadOnlyAccess-189584543480]
sso_start_url = https://d-90679a6e6a.awsapps.com/start
sso_region = us-east-1
sso_account_id = 189584543480
sso_role_name = ReadOnlyAccess
region = eu-west-1

0 comments on commit b5a6d83

Please sign in to comment.