Java Code Examples for com.amazonaws.services.securitytoken.model.Credentials#getExpiration()

The following examples show how to use com.amazonaws.services.securitytoken.model.Credentials#getExpiration().
Example 1
Source File: AwsSessionCredentialClient.java    From cloudbreak with Apache License 2.0
/**
 * Assumes the IAM role referenced by the given credential view through STS and returns the
 * resulting temporary session credentials.
 *
 * <p>Only the role ARN and the credential expiration are written to the log. The access key id,
 * secret access key and session token are handed straight to the returned object; keep it that
 * way when touching the log statements.
 *
 * @param awsCredential view that supplies the role ARN and, optionally, an external id
 * @return access key id, secret access key, session token and expiration from the STS response
 * @throws SdkClientException rethrown unchanged, after being logged, when the call fails
 */
public AwsSessionCredentials retrieveSessionCredentials(AwsCredentialView awsCredential) {
    String configuredExternalId = awsCredential.getExternalId();
    // The external id is the value a role's trust policy can require of the caller. When the
    // credential carries none, the legacy value is sent instead.
    // NOTE(review): deprecatedExternalId is defined outside this method - confirm it is not a
    // value shared between tenants, since a shared external id no longer tells callers apart.
    String effectiveExternalId = StringUtils.isEmpty(configuredExternalId) ? deprecatedExternalId : configuredExternalId;
    String roleArn = awsCredential.getRoleArn();

    AssumeRoleRequest assumeRoleRequest = new AssumeRoleRequest()
            .withRoleArn(roleArn)
            .withRoleSessionName(roleSessionName)
            .withExternalId(effectiveExternalId)
            .withDurationSeconds(DEFAULT_SESSION_CREDENTIALS_DURATION);
    LOGGER.debug("Trying to assume role with role arn {}", roleArn);
    try {
        Credentials stsCredentials = awsSecurityTokenServiceClient(awsCredential)
                .assumeRole(assumeRoleRequest)
                .getCredentials();

        // The expiration is formatted only for the log line; a missing value is logged as "".
        Date expirationTime = stsCredentials.getExpiration();
        String formattedExpirationDate = expirationTime != null ? new StdDateFormat().format(expirationTime) : "";
        LOGGER.debug("Assume role result credential: role arn: {}, expiration date: {}",
                roleArn, formattedExpirationDate);

        return new AwsSessionCredentials(
                stsCredentials.getAccessKeyId(),
                stsCredentials.getSecretAccessKey(),
                stsCredentials.getSessionToken(),
                expirationTime);
    } catch (SdkClientException e) {
        // Log with the stack trace, then let the caller decide how to react.
        LOGGER.error("Unable to assume role. Check exception for details.", e);
        throw e;
    }
}
 
Example 2
Source File: UploadDownloadServiceImpl.java    From herd with Apache License 2.0
/**
 * Starts a single-file download for one business object data version and returns everything the
 * caller needs to fetch the file from S3: temporary credentials and a pre-signed GET URL.
 *
 * <p>The method is annotated to require READ permission on the namespace. The response carries
 * the secret access key and the session token, so the response object is itself sensitive and
 * should be neither logged nor cached.
 *
 * @param namespace the namespace
 * @param businessObjectDefinitionName the business object definition name
 * @param businessObjectFormatUsage the business object format usage
 * @param businessObjectFormatFileType the business object format file type
 * @param businessObjectFormatVersion the business object format version
 * @param partitionValue the primary partition value
 * @param businessObjectDataVersion the business object data version
 * @return the business object data, the temporary credentials with their expiration, and the pre-signed URL
 */
@NamespacePermission(fields = "#namespace", permissions = NamespacePermissionEnum.READ)
@Override
public DownloadSingleInitiationResponse initiateDownloadSingle(String namespace, String businessObjectDefinitionName, String businessObjectFormatUsage,
    String businessObjectFormatFileType, Integer businessObjectFormatVersion, String partitionValue, Integer businessObjectDataVersion)
{
    // Assemble the key from the request parameters (no sub-partition values) and validate it.
    BusinessObjectDataKey dataKey =
        new BusinessObjectDataKey(namespace, businessObjectDefinitionName, businessObjectFormatUsage, businessObjectFormatFileType,
            businessObjectFormatVersion, partitionValue, null, businessObjectDataVersion);
    businessObjectDataHelper.validateBusinessObjectDataKey(dataKey, true, true);

    // Load the persisted record and refuse anything whose status is not VALID.
    BusinessObjectDataEntity dataEntity = businessObjectDataDaoHelper.getBusinessObjectDataEntity(dataKey);
    businessObjectDataHelper.assertBusinessObjectDataStatusEquals(BusinessObjectDataStatusEntity.VALID, dataEntity);

    // Take the first storage unit of the record.
    // NOTE(review): index 0 is used without an explicit emptiness or storage-type check in this
    // method - confirm that an empty collection is reported to the caller in a controlled way.
    StorageUnitEntity storageUnit = IterableUtils.get(dataEntity.getStorageUnits(), 0);

    // Exactly one storage file is expected in that unit.
    assertHasOneStorageFile(storageUnit);

    // Bucket and object key both come from persisted entities, not from the request.
    String bucketName = storageHelper.getStorageBucketName(storageUnit.getStorage());
    String objectKey = IterableUtils.get(storageUnit.getStorageFiles(), 0).getPath();

    // Obtain temporary credentials for this storage and object key; the record id is passed as the second argument.
    Credentials temporaryCredentials =
        getExternalDownloaderCredentials(storageUnit.getStorage(), String.valueOf(dataEntity.getId()), objectKey);

    // The pre-signed URL is given the same expiration as the temporary credentials.
    // NOTE(review): the expiration is used without a null check - confirm the helper always
    // returns credentials with a populated expiration.
    Date credentialsExpiry = temporaryCredentials.getExpiration();
    S3FileTransferRequestParamsDto bucketAccessParams = storageHelper.getS3BucketAccessParams(storageUnit.getStorage());
    String downloadUrl = s3Dao.generateGetObjectPresignedUrl(bucketName, objectKey, credentialsExpiry, bucketAccessParams);

    // Populate the response, secrets included.
    DownloadSingleInitiationResponse initiationResponse = new DownloadSingleInitiationResponse();
    initiationResponse.setBusinessObjectData(businessObjectDataHelper.createBusinessObjectDataFromEntity(dataEntity));
    initiationResponse.setAwsAccessKey(temporaryCredentials.getAccessKeyId());
    initiationResponse.setAwsSecretKey(temporaryCredentials.getSecretAccessKey());
    initiationResponse.setAwsSessionToken(temporaryCredentials.getSessionToken());
    initiationResponse.setAwsSessionExpirationTime(HerdDateUtils.getXMLGregorianCalendarValue(credentialsExpiry));
    initiationResponse.setPreSignedUrl(downloadUrl);
    return initiationResponse;
}
 
Example 3
Source File: UploadDownloadServiceImpl.java    From herd with Apache License 2.0
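/**
 * Starts the download of one sample data file registered for a business object definition and
 * returns temporary credentials plus a pre-signed GET URL for it.
 *
 * <p>The S3 object key is derived from the persisted sample data file entity rather than from the
 * request, so the credentials and the URL always refer to the object that was actually looked up
 * and that the response reports back. This matches {@code initiateDownloadSingle}, which also
 * reads the key from a persisted entity.
 *
 * <p>The response carries the secret access key and the session token, so the response object is
 * itself sensitive and should be neither logged nor cached.
 *
 * <p>NOTE(review): no {@code @NamespacePermission} annotation is declared on this method, while
 * the other download initiation methods in this listing declare READ - confirm that is
 * intentional.
 *
 * @param request the download request; it is validated and trimmed in place first
 * @return the sample data file key, bucket name, temporary credentials with their expiration, and the pre-signed URL
 */
@Override
public DownloadBusinessObjectDefinitionSampleDataFileSingleInitiationResponse initiateDownloadSingleSampleFile(
    DownloadBusinessObjectDefinitionSampleDataFileSingleInitiationRequest request)
{
    // Validate and trim the request parameters.
    validateDownloadBusinessObjectDefinitionSampleDataFileSingleInitiationRequest(request);

    // Get the business object definition sample data file key.
    BusinessObjectDefinitionSampleDataFileKey businessObjectDefinitionSampleDataFileKey = request.getBusinessObjectDefinitionSampleDataFileKey();

    // Get the business object definition key.
    BusinessObjectDefinitionKey businessObjectDefinitionKey = new BusinessObjectDefinitionKey(businessObjectDefinitionSampleDataFileKey.getNamespace(),
        businessObjectDefinitionSampleDataFileKey.getBusinessObjectDefinitionName());

    // Get the business object definition entity and ensure it exists.
    BusinessObjectDefinitionEntity businessObjectDefinitionEntity =
        businessObjectDefinitionDaoHelper.getBusinessObjectDefinitionEntity(businessObjectDefinitionKey);

    // Get the sample data file entity for the business object definition and ensure it exists.
    BusinessObjectDefinitionSampleDataFileEntity businessObjectDefinitionSampleDataFileEntity =
        getBusinessObjectDefinitionSampleDataFileEntity(businessObjectDefinitionEntity, businessObjectDefinitionSampleDataFileKey);

    // Retrieve the storage related information.
    StorageEntity storageEntity = businessObjectDefinitionSampleDataFileEntity.getStorage();
    String s3BucketName = storageHelper.getStorageBucketName(storageEntity);

    // Build the object key from the persisted record, not from the caller-supplied strings. If the
    // lookup above matches exactly the result is the same; if it ever matches more loosely, the
    // grant still cannot drift away from the registered object.
    String s3ObjectKey =
        businessObjectDefinitionSampleDataFileEntity.getDirectoryPath() + businessObjectDefinitionSampleDataFileEntity.getFileName();

    // A fresh random id is passed to the credentials helper as the session id for this download.
    String sessionID = UUID.randomUUID().toString();

    // Get the temporary credentials for this storage and object key.
    Credentials downloaderCredentials = getDownloaderCredentialsNoKmsKey(storageEntity, sessionID, s3ObjectKey);

    // Generate a pre-signed URL that expires together with the temporary credentials.
    // NOTE(review): the expiration is used without a null check - confirm the helper always
    // returns credentials with a populated expiration.
    Date expiration = downloaderCredentials.getExpiration();
    S3FileTransferRequestParamsDto s3BucketAccessParams = storageHelper.getS3BucketAccessParams(storageEntity);
    String presignedUrl = s3Dao.generateGetObjectPresignedUrl(s3BucketName, s3ObjectKey, expiration, s3BucketAccessParams);

    // Create the response; the key echoed back is rebuilt from the persisted entities.
    DownloadBusinessObjectDefinitionSampleDataFileSingleInitiationResponse response =
        new DownloadBusinessObjectDefinitionSampleDataFileSingleInitiationResponse();
    response.setBusinessObjectDefinitionSampleDataFileKey(
        new BusinessObjectDefinitionSampleDataFileKey(businessObjectDefinitionEntity.getNamespace().getCode(), businessObjectDefinitionEntity.getName(),
            businessObjectDefinitionSampleDataFileEntity.getDirectoryPath(), businessObjectDefinitionSampleDataFileEntity.getFileName()));
    response.setAwsS3BucketName(s3BucketName);
    response.setAwsAccessKey(downloaderCredentials.getAccessKeyId());
    response.setAwsSecretKey(downloaderCredentials.getSecretAccessKey());
    response.setAwsSessionToken(downloaderCredentials.getSessionToken());
    response.setAwsSessionExpirationTime(HerdDateUtils.getXMLGregorianCalendarValue(expiration));
    response.setPreSignedUrl(presignedUrl);

    // Return the response.
    return response;
}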
 
Example 4
Source File: UploadDownloadServiceImpl.java    From herd with Apache License 2.0
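/**
 * Starts the download of one storage file of a business object data version and returns
 * temporary credentials plus a pre-signed GET URL for it.
 *
 * <p>The method is annotated to require READ permission on the namespace named in the request's
 * storage file key. The temporary credentials are requested with a policy that allows
 * {@code GetObject} on the single object only, plus KMS decrypt when the storage names a KMS key.
 *
 * <p>The S3 object key is taken from the persisted storage file entity rather than from the
 * request, so the policy, the credentials and the URL always refer to the object that was
 * actually looked up and that the response reports back. This matches
 * {@code initiateDownloadSingle}, which also reads the key from a persisted entity.
 *
 * <p>The response carries the secret access key and the session token, so the response object is
 * itself sensitive and should be neither logged nor cached.
 *
 * @param downloadBusinessObjectDataStorageFileSingleInitiationRequest the download request; it is validated and trimmed first
 * @return the storage file key, bucket name, temporary credentials with their expiration, and the pre-signed URL
 */
@NamespacePermission(fields = "#downloadBusinessObjectDataStorageFileSingleInitiationRequest.businessObjectDataStorageFileKey.namespace",
    permissions = NamespacePermissionEnum.READ)
@Override
public DownloadBusinessObjectDataStorageFileSingleInitiationResponse initiateDownloadSingleBusinessObjectDataStorageFile(
    DownloadBusinessObjectDataStorageFileSingleInitiationRequest downloadBusinessObjectDataStorageFileSingleInitiationRequest)
{
    // Validate and trim the request.
    uploadDownloadHelper
        .validateAndTrimDownloadBusinessObjectDataStorageFileSingleInitiationRequest(downloadBusinessObjectDataStorageFileSingleInitiationRequest);

    // Get the business object data storage file key.
    BusinessObjectDataStorageFileKey businessObjectDataStorageFileKey =
        downloadBusinessObjectDataStorageFileSingleInitiationRequest.getBusinessObjectDataStorageFileKey();

    // Retrieve and validate that the business object data exists.
    BusinessObjectDataKey businessObjectDataKey = getBusinessObjectDataKeyFromBusinessObjectDataStorageFileKey(businessObjectDataStorageFileKey);
    BusinessObjectDataEntity businessObjectDataEntity = businessObjectDataDaoHelper.getBusinessObjectDataEntity(businessObjectDataKey);

    // Retrieve and validate that the storage unit exists
    StorageUnitEntity storageUnitEntity =
        storageUnitDaoHelper.getStorageUnitEntity(businessObjectDataStorageFileKey.getStorageName(), businessObjectDataEntity);

    // Get the storage file entity and ensure it exists.
    StorageFileEntity storageFileEntity =
        storageFileDaoHelper.getStorageFileEntity(storageUnitEntity, businessObjectDataStorageFileKey.getFilePath(), businessObjectDataKey);

    // Get the storage that owns the file, from the persisted entity.
    StorageEntity storageEntity = storageFileEntity.getStorageUnit().getStorage();

    // Retrieve the storage related information.
    String s3BucketName = storageHelper.getStorageBucketName(storageEntity);

    // Use the path of the persisted storage file, not the caller-supplied string. If the lookup
    // above matches exactly the result is the same; if it ever matches more loosely, the policy
    // below still cannot drift away from the registered object.
    String s3ObjectKey = storageFileEntity.getPath();

    // Create an AWS policy builder that allows reading this one object only.
    AwsPolicyBuilder awsPolicyBuilder = new AwsPolicyBuilder().withS3(s3BucketName, s3ObjectKey, S3Actions.GetObject);

    // Get the storage kms key id.
    String storageKmsKeyId = storageHelper
        .getStorageAttributeValueByName(configurationHelper.getProperty(ConfigurationValue.S3_ATTRIBUTE_NAME_KMS_KEY_ID), storageEntity, false, true);

    /*
     * Only add KMS policies if the storage specifies a KMS ID
     */
    if (storageKmsKeyId != null)
    {
        awsPolicyBuilder.withKms(storageKmsKeyId.trim(), KmsActions.DECRYPT);
    }

    // Create a sessionId: a fresh random value per download request.
    String sessionId = UUID.randomUUID().toString();

    // Get the temporary credentials, restricted by the policy built above.
    Credentials downloaderCredentials = getDownloaderCredentials(storageEntity, sessionId, awsPolicyBuilder);

    // Generate a pre-signed URL that expires together with the temporary credentials.
    // NOTE(review): the expiration is used without a null check - confirm the helper always
    // returns credentials with a populated expiration.
    Date expiration = downloaderCredentials.getExpiration();
    S3FileTransferRequestParamsDto s3BucketAccessParams = storageHelper.getS3BucketAccessParams(storageEntity);
    String preSignedUrl = s3Dao.generateGetObjectPresignedUrl(s3BucketName, s3ObjectKey, expiration, s3BucketAccessParams);

    // Convert the business object format entity to the business object format model object
    BusinessObjectFormat businessObjectFormat =
        businessObjectFormatHelper.createBusinessObjectFormatFromEntity(businessObjectDataEntity.getBusinessObjectFormat());

    // Create a business object data storage file key for the response; every field is read from persisted entities.
    BusinessObjectDataStorageFileKey businessObjectDataStorageFileKeyForResponse =
        new BusinessObjectDataStorageFileKey(businessObjectFormat.getNamespace(), businessObjectFormat.getBusinessObjectDefinitionName(),
            businessObjectFormat.getBusinessObjectFormatUsage(), businessObjectFormat.getBusinessObjectFormatFileType(),
            businessObjectFormat.getBusinessObjectFormatVersion(), businessObjectDataEntity.getPartitionValue(),
            businessObjectDataHelper.getSubPartitionValues(businessObjectDataEntity), businessObjectDataEntity.getVersion(),
            storageUnitEntity.getStorageName(), storageFileEntity.getPath());

    // Create the download business object data storage file single initiation response.
    DownloadBusinessObjectDataStorageFileSingleInitiationResponse downloadBusinessObjectDataStorageFileSingleInitiationResponse =
        new DownloadBusinessObjectDataStorageFileSingleInitiationResponse();
    downloadBusinessObjectDataStorageFileSingleInitiationResponse.setBusinessObjectDataStorageFileKey(businessObjectDataStorageFileKeyForResponse);
    downloadBusinessObjectDataStorageFileSingleInitiationResponse.setAwsS3BucketName(s3BucketName);
    downloadBusinessObjectDataStorageFileSingleInitiationResponse.setAwsAccessKey(downloaderCredentials.getAccessKeyId());
    downloadBusinessObjectDataStorageFileSingleInitiationResponse.setAwsSecretKey(downloaderCredentials.getSecretAccessKey());
    downloadBusinessObjectDataStorageFileSingleInitiationResponse.setAwsSessionToken(downloaderCredentials.getSessionToken());
    downloadBusinessObjectDataStorageFileSingleInitiationResponse.setAwsSessionExpirationTime(HerdDateUtils.getXMLGregorianCalendarValue(expiration));
    downloadBusinessObjectDataStorageFileSingleInitiationResponse.setPreSignedUrl(preSignedUrl);

    // Return the download business object data storage file single initiation response.
    return downloadBusinessObjectDataStorageFileSingleInitiationResponse;
}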