-
Notifications
You must be signed in to change notification settings - Fork 116
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Testing/obj-storage-mock: add dummy assume-role endpoint #8288
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,67 @@ | ||
/* | ||
* Copyright (C) 2024 Dremio | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
package org.projectnessie.objectstoragemock; | ||
|
||
import jakarta.inject.Inject; | ||
import jakarta.ws.rs.Consumes; | ||
import jakarta.ws.rs.FormParam; | ||
import jakarta.ws.rs.HeaderParam; | ||
import jakarta.ws.rs.POST; | ||
import jakarta.ws.rs.Path; | ||
import jakarta.ws.rs.Produces; | ||
import jakarta.ws.rs.core.MediaType; | ||
import org.projectnessie.objectstoragemock.sts.AssumeRoleResult; | ||
import org.projectnessie.objectstoragemock.sts.ImmutableAssumeRoleResponse; | ||
import org.projectnessie.objectstoragemock.sts.ImmutableResponseMetadata; | ||
|
||
@Path("/sts/") | ||
@Produces(MediaType.APPLICATION_XML) | ||
@Consumes(MediaType.APPLICATION_XML) | ||
public class StsResource { | ||
@Inject ObjectStorageMock mockServer; | ||
|
||
@Path("assumeRole") | ||
@POST | ||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED) | ||
@Produces(MediaType.APPLICATION_XML) | ||
public Object assumeRole( | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I noticed we don't support |
||
@FormParam("Action") String action, | ||
@FormParam("Version") String version, | ||
@FormParam("RoleArn") String roleArn, | ||
@FormParam("RoleSessionName") String roleSessionName, | ||
@FormParam("Policy") String policy, | ||
@FormParam("DurationSeconds") Integer durationSeconds, | ||
@FormParam("ExternalId") String externalId, | ||
@FormParam("SerialNumber") String serialNumber, | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It seems There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is testing code - we can change and adopt later at any time. |
||
@HeaderParam("amz-sdk-invocation-id") String amzSdkInvocationId) { | ||
AssumeRoleResult result = | ||
mockServer | ||
.assumeRoleHandler() | ||
.assumeRole( | ||
action, | ||
version, | ||
roleArn, | ||
roleSessionName, | ||
policy, | ||
durationSeconds, | ||
externalId, | ||
serialNumber); | ||
return ImmutableAssumeRoleResponse.builder() | ||
.assumeRoleResult(result) | ||
.responseMetadata(ImmutableResponseMetadata.builder().requestId(amzSdkInvocationId).build()) | ||
.build(); | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
/* | ||
* Copyright (C) 2024 Dremio | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
package org.projectnessie.objectstoragemock.sts; | ||
|
||
public interface AssumeRoleHandler { | ||
AssumeRoleResult assumeRole( | ||
String action, | ||
String version, | ||
String roleArn, | ||
String roleSessionName, | ||
String policy, | ||
Integer durationSeconds, | ||
String externalId, | ||
String serialNumber); | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
/* | ||
* Copyright (C) 2022 Dremio | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
package org.projectnessie.objectstoragemock.sts; | ||
|
||
import com.fasterxml.jackson.annotation.JsonProperty; | ||
import com.fasterxml.jackson.annotation.JsonRootName; | ||
import com.fasterxml.jackson.databind.annotation.JsonDeserialize; | ||
import com.fasterxml.jackson.databind.annotation.JsonSerialize; | ||
import org.immutables.value.Value; | ||
|
||
@JsonRootName("AssumeRoleResponse") | ||
@JsonSerialize(as = ImmutableAssumeRoleResponse.class) | ||
@JsonDeserialize(as = ImmutableAssumeRoleResponse.class) | ||
@Value.Immutable | ||
@Value.Style(jdkOnly = true) | ||
public interface AssumeRoleResponse { | ||
|
||
@JsonProperty("AssumeRoleResult") | ||
AssumeRoleResult assumeRoleResult(); | ||
|
||
@JsonProperty("ResponseMetadata") | ||
ResponseMetadata responseMetadata(); | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
/* | ||
* Copyright (C) 2022 Dremio | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
package org.projectnessie.objectstoragemock.sts; | ||
|
||
import com.fasterxml.jackson.annotation.JsonProperty; | ||
import com.fasterxml.jackson.databind.annotation.JsonDeserialize; | ||
import com.fasterxml.jackson.databind.annotation.JsonSerialize; | ||
import org.immutables.value.Value; | ||
|
||
@JsonSerialize(as = ImmutableAssumeRoleResult.class) | ||
@JsonDeserialize(as = ImmutableAssumeRoleResult.class) | ||
@Value.Immutable | ||
@Value.Style(jdkOnly = true) | ||
public interface AssumeRoleResult { | ||
|
||
@JsonProperty("SourceIdentity") | ||
String sourceIdentity(); | ||
|
||
@JsonProperty("AssumedRoleUser") | ||
RoleUser assumedRoleUser(); | ||
|
||
@JsonProperty("Credentials") | ||
Credentials credentials(); | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
/* | ||
* Copyright (C) 2022 Dremio | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
package org.projectnessie.objectstoragemock.sts; | ||
|
||
import com.fasterxml.jackson.annotation.JsonFormat; | ||
import com.fasterxml.jackson.annotation.JsonProperty; | ||
import com.fasterxml.jackson.databind.annotation.JsonDeserialize; | ||
import com.fasterxml.jackson.databind.annotation.JsonSerialize; | ||
import com.fasterxml.jackson.databind.util.StdDateFormat; | ||
import com.fasterxml.jackson.datatype.jsr310.deser.InstantDeserializer; | ||
import com.fasterxml.jackson.datatype.jsr310.ser.InstantSerializer; | ||
import jakarta.annotation.Nullable; | ||
import java.time.Instant; | ||
import org.immutables.value.Value; | ||
|
||
@JsonSerialize(as = ImmutableCredentials.class) | ||
@JsonDeserialize(as = ImmutableCredentials.class) | ||
@Value.Immutable | ||
@Value.Style(jdkOnly = true) | ||
public interface Credentials { | ||
|
||
@JsonProperty("AccessKeyId") | ||
String accessKeyId(); | ||
|
||
@JsonProperty("SecretAccessKey") | ||
String secretAccessKey(); | ||
|
||
@JsonProperty("SessionToken") | ||
@Nullable | ||
String sessionToken(); | ||
|
||
@JsonProperty("Expiration") | ||
@JsonFormat( | ||
shape = JsonFormat.Shape.STRING, | ||
pattern = StdDateFormat.DATE_FORMAT_STR_ISO8601, | ||
timezone = "UTC") | ||
@JsonSerialize(using = InstantSerializer.class) | ||
@JsonDeserialize(using = InstantDeserializer.class) | ||
Instant expiration(); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
According to this doc the original STS endpoint uses GET + query parameters.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The awssdk actually uses POST + form