/*
* Copyright 2017-2020 original authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.micronaut.aws.sdk.v2;
import io.micronaut.context.env.Environment;
import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
import software.amazon.awssdk.auth.credentials.AwsCredentials;
import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
import software.amazon.awssdk.auth.credentials.AwsSessionCredentials;
import software.amazon.awssdk.core.exception.SdkClientException;
import software.amazon.awssdk.utils.StringUtils;
/**
* A {@link AwsCredentialsProvider} that reads from the {@link Environment}.
*
* @author graemerocher
* @author VladimĂr OranĂ˝
* @since 2.0.0
*/
public final class EnvironmentAwsCredentialsProvider implements AwsCredentialsProvider {
/**
* Environment variable name for the AWS access key ID.
*/
public static final String ACCESS_KEY_ENV_VAR = "aws.access-key-id";
/**
* Alternate environment variable name for the AWS access key ID.
*/
public static final String ALTERNATE_ACCESS_KEY_ENV_VAR = "aws.access-key";
/**
* Environment variable name for the AWS secret key.
*/
public static final String SECRET_KEY_ENV_VAR = "aws.secret-key";
/**
* Alternate environment variable name for the AWS secret key.
*/
public static final String ALTERNATE_SECRET_KEY_ENV_VAR = "aws.secret-access-key";
/**
* Environment variable name for the AWS session token.
*/
public static final String AWS_SESSION_TOKEN_ENV_VAR = "aws.session-token";
private final Environment environment;
/**
* Constructor.
* @param environment environment
*/
private EnvironmentAwsCredentialsProvider(Environment environment) {
this.environment = environment;
}
/**
* @param environment The Micronaut environment
* @return an {@link EnvironmentAwsCredentialsProvider} instance.
*/
public static EnvironmentAwsCredentialsProvider create(Environment environment) {
return new EnvironmentAwsCredentialsProvider(environment);
}
@Override
public AwsCredentials resolveCredentials() {
String accessKey = environment.getProperty(ACCESS_KEY_ENV_VAR, String.class, environment.getProperty(ALTERNATE_ACCESS_KEY_ENV_VAR, String.class, (String) null));
String secretKey = environment.getProperty(SECRET_KEY_ENV_VAR, String.class, environment.getProperty(ALTERNATE_SECRET_KEY_ENV_VAR, String.class, (String) null));
accessKey = StringUtils.trim(accessKey);
secretKey = StringUtils.trim(secretKey);
String sessionToken = StringUtils.trim(environment.getProperty(AWS_SESSION_TOKEN_ENV_VAR, String.class, (String) null));
if (StringUtils.isBlank(accessKey) || StringUtils.isBlank(secretKey)) {
throw SdkClientException.create(
"Unable to load AWS credentials from environment "
+ "(" + ACCESS_KEY_ENV_VAR + " (or " + ALTERNATE_ACCESS_KEY_ENV_VAR + ") and "
+ SECRET_KEY_ENV_VAR + " (or " + ALTERNATE_SECRET_KEY_ENV_VAR + "))");
}
return sessionToken == null
? AwsBasicCredentials.create(accessKey, secretKey)
: AwsSessionCredentials.create(accessKey, secretKey, sessionToken);
}
@Override
public String toString() {
return getClass().getSimpleName();
}
}
