Expose expiration property on temporary STS credentials

[OnKey]

Describe the feature

Currently the expiry time for a token is not exposed when getting a temporary STS token. This property is stored as part of the CredentialsRefreshState is the class below. Could you look at adding this property into ImmutableCredentials or exposing it in some other way.

https://github.com/aws/aws-sdk-net/blob/main/sdk/src/Core/Amazon.Runtime/Credentials/RefreshingAWSCredentials.cs

Use Case

I need to know when I need to refresh temporary STS credentials and don't want to call GetCredentials() before every AWS API call in my application.

Proposed Solution

Add Expiration property into ImmutableCredentials and populate it in the Copy method where it exists.

https://github.com/aws/aws-sdk-net/blob/main/sdk/src/Core/Amazon.Runtime/Credentials/ImmutableCredentials.cs

Other Information

No response

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

AWS .NET SDK and/or Package version used

AWSSDK.SSO 3.7.100.83

Targeted .NET Platform

.NET 7

Operating System and version

Windows 10

[ashishdhingra]

Appears to be useful feature request. Needs review with the team.

[ashishdhingra]

@OnKey Please elaborate your use case. Credentials are refreshed automatically when RefreshingAWSCredentials are nearing expiration.

[OnKey]

@ashishdhingra the credentials are only refreshed if I call GetCredentials() every time I need to call an AWS endpoint. In this case, I need to pass the credentials (Access Key, Secret Key & Session token) to a 3rd party library and know when they need to be refreshed. The 3rd party library does not use the SDK directly, it just accepts a set of credentials to use when accessing AWS.