org.jclouds.domain.Credentials Java Examples

private static Pair<BlobStoreLocation, BlobStore> createBlobStore(String driver,
                                                                  String region,
                                                                  String endpoint,
                                                                  Supplier<Credentials> credentials,
                                                                  int maxBlockSize) {
    Properties overrides = new Properties();
    // This property controls the number of parts being uploaded in parallel.
    overrides.setProperty("jclouds.mpu.parallel.degree", "1");
    overrides.setProperty("jclouds.mpu.parts.size", Integer.toString(maxBlockSize));
    overrides.setProperty(Constants.PROPERTY_SO_TIMEOUT, "25000");
    overrides.setProperty(Constants.PROPERTY_MAX_RETRIES, Integer.toString(100));

    ApiRegistry.registerApi(new S3ApiMetadata());
    ProviderRegistry.registerProvider(new AWSS3ProviderMetadata());
    ProviderRegistry.registerProvider(new GoogleCloudStorageProviderMetadata());

    ContextBuilder contextBuilder = ContextBuilder.newBuilder(driver);
    contextBuilder.credentialsSupplier(credentials);

    if (isS3Driver(driver) && !Strings.isNullOrEmpty(endpoint)) {
        contextBuilder.endpoint(endpoint);
        overrides.setProperty(S3Constants.PROPERTY_S3_VIRTUAL_HOST_BUCKETS, "false");
    }
    contextBuilder.overrides(overrides);
    BlobStoreContext context = contextBuilder.buildView(BlobStoreContext.class);
    BlobStore blobStore = context.getBlobStore();

    log.info("Connect to blobstore : driver: {}, region: {}, endpoint: {}",
        driver, region, endpoint);
    return Pair.of(
        BlobStoreLocation.of(region, endpoint),
        blobStore);
}
 

@Inject
protected AWSEC2CreateNodesInGroupThenAddToSet(
      AWSEC2Api client,
      @Named("ELASTICIP") LoadingCache<RegionAndName, String> elasticIpCache,
      @Named(TIMEOUT_NODE_RUNNING) Predicate<AtomicReference<NodeMetadata>> nodeRunning,
      @Named(PROPERTY_EC2_GENERATE_INSTANCE_NAMES) boolean generateInstanceNames,
      CreateKeyPairPlacementAndSecurityGroupsAsNeededAndReturnRunOptions createKeyPairAndSecurityGroupsAsNeededAndReturncustomize,
      PresentSpotRequestsAndInstances instancePresent,
      Function<RunningInstance, NodeMetadata> runningInstanceToNodeMetadata,
      LoadingCache<RunningInstance, Optional<LoginCredentials>> instanceToCredentials,
      Map<String, Credentials> credentialStore, ComputeUtils utils,
      SpotInstanceRequestToAWSRunningInstance spotConverter) {
   super(client, elasticIpCache, nodeRunning, createKeyPairAndSecurityGroupsAsNeededAndReturncustomize,
         instancePresent, runningInstanceToNodeMetadata, instanceToCredentials, credentialStore, utils);
   this.client = checkNotNull(client, "client");
   this.spotConverter = checkNotNull(spotConverter, "spotConverter");
}
 

@Override
public boolean updateGceCredentialsIfValid(String jsonFilePath) throws KaramelException {
  if (jsonFilePath.isEmpty() || jsonFilePath == null) {
    return false;
  }
  try {
    Credentials credentials = GceLauncher.readCredentials(jsonFilePath);
    GceContext context = GceLauncher.validateCredentials(credentials);
    Confs confs = Confs.loadKaramelConfs();
    confs.put(Settings.GCE_JSON_KEY_FILE_PATH, jsonFilePath);
    confs.writeKaramelConfs();
    clusterService.registerGceContext(context);
  } catch (Throwable ex) {
    throw new KaramelException(ex.getMessage());
  }
  return true;
}
 

/**
 * Injects into the guts of jclouds' openstack-keystone a token that was requested, which 
 * should last for only 5 seconds. By sleeping for 10 seconds in the test, it should mean
 * the token subsequently used by jclouds will expire by the time the second half of the 
 * test executes.
 */
private void injectShortLivedTokenForSwiftAuth() throws Exception {
    URL endpointUrl = new URL(endpoint);
    Credentials creds = new Credentials(identity, credential);
    Set<Service> services = getServices(creds);

    HttpToolResponse tokenHttpResponse1 = requestTokenWithExplicitLifetime(endpointUrl,
        identity, credential, Duration.FIVE_SECONDS);
    
    Access access = Access.builder()
            .user(User.builder()
                    .id(identity)
                    .name(identity)
                    .build())
            .token(Token.builder()
                    .id(tokenHttpResponse1.getHeaderLists().get(AuthHeaders.AUTH_TOKEN).get(0))
                    .expires(new Date(System.currentTimeMillis() + 5000))
                    .build())
            .services(services)
            .build();

    getAuthCache(context).put(creds, access);
}
 

/**
 * Reads credential info from {@link #credentialPath} and returns in a string format.
 *
 * @return Credential in {@code String} representation.
 * @throws IgniteSpiException In case of error.
 */
private String getCredentialFromFile() throws IgniteSpiException {
    try {
        String fileContents = Files.toString(new File(credentialPath), Charsets.UTF_8);

        if (provider.equals("google-compute-engine")) {
            Supplier<Credentials> credentialSupplier = new GoogleCredentialsFromJson(fileContents);

            return credentialSupplier.get().credential;
        }

        return fileContents;
    }
    catch (IOException e) {
        throw new IgniteSpiException("Failed to retrieve the private key from the file: " + credentialPath, e);
    }
}
 

private static String getCredentialFromJsonKeyFile(String filename) {
   try {
      String fileContents = Files.toString(new File(filename), UTF_8);
      Supplier<Credentials> credentialSupplier = new GoogleCredentialsFromJson(fileContents);
      String credential = credentialSupplier.get().credential;
      return credential;
   } catch (IOException e) {
      System.err.println("Exception reading private key from '%s': " + filename);
      e.printStackTrace();
      System.exit(1);
      return null;
   }
}
 

@Inject
public AliOSSApi(@Provider Supplier<Credentials> credsSupplier, ProviderURISupplier providerURISupplier) {
    Credentials credentials = credsSupplier.get();
    this.identity = credentials.identity;
    this.credential = credentials.credential;
    this.endpoint = providerURISupplier.get()
                                       .toString();
}
 

private static String getCredentialFromJsonKeyFile(String filename) {
try {
    String fileContents = Files.toString(new File(filename), UTF_8);
    Supplier<Credentials> credentialSupplier = new GoogleCredentialsFromJson(fileContents);
    String credential = credentialSupplier.get().credential;
    return credential;
} catch (IOException e) {
    System.err.println("Exception reading private key from '%s': " + filename);
    e.printStackTrace();
    System.exit(1);
    return null;
}
   }
 

private AWSRunningInstanceToNodeMetadata createNodeParser(final ImmutableSet<Hardware> hardware,
         final ImmutableSet<Location> locations, Map<String, Credentials> credentialStore,
         Map<InstanceState, Status> instanceToNodeStatus, LoadingCache<RegionAndName, ? extends Image> instanceToImage) {
   Supplier<Set<? extends Location>> locationSupplier = new Supplier<Set<? extends Location>>() {

      @Override
      public Set<? extends Location> get() {
         return locations;
      }

   };
   Supplier<Set<? extends Hardware>> hardwareSupplier = new Supplier<Set<? extends Hardware>>() {

      @Override
      public Set<? extends Hardware> get() {
         return hardware;
      }

   };
   
   GroupNamingConvention.Factory namingConvention = Guice.createInjector(new AbstractModule() {

      @Override
      protected void configure() {
         Names.bindProperties(binder(), new AWSEC2ApiMetadata().getDefaultProperties());
      }

   }).getInstance(GroupNamingConvention.Factory.class);

   AWSRunningInstanceToNodeMetadata parser = new AWSRunningInstanceToNodeMetadata(instanceToNodeStatus,
         credentialStore, Suppliers.<LoadingCache<RegionAndName, ? extends Image>> ofInstance(instanceToImage),
         locationSupplier, hardwareSupplier, namingConvention);
   return parser;
}
 

@Inject
protected AWSEC2ComputeService(ComputeServiceContext context, Map<String, Credentials> credentialStore,
      @Memoized Supplier<Set<? extends Image>> images, @Memoized Supplier<Set<? extends Hardware>> sizes,
      @Memoized Supplier<Set<? extends Location>> locations, ListNodesStrategy listNodesStrategy,
      GetImageStrategy getImageStrategy, GetNodeMetadataStrategy getNodeMetadataStrategy,
      CreateNodesInGroupThenAddToSet runNodesAndAddToSetStrategy, RebootNodeStrategy rebootNodeStrategy,
      DestroyNodeStrategy destroyNodeStrategy, ResumeNodeStrategy startNodeStrategy,
      SuspendNodeStrategy stopNodeStrategy, Provider<TemplateBuilder> templateBuilderProvider,
      @Named("DEFAULT") Provider<TemplateOptions> templateOptionsProvider,
      @Named(TIMEOUT_NODE_RUNNING) Predicate<AtomicReference<NodeMetadata>> nodeRunning,
      @Named(TIMEOUT_NODE_TERMINATED) Predicate<AtomicReference<NodeMetadata>> nodeTerminated,
      @Named(TIMEOUT_NODE_SUSPENDED) Predicate<AtomicReference<NodeMetadata>> nodeSuspended,
      InitializeRunScriptOnNodeOrPlaceInBadMap.Factory initScriptRunnerFactory,
      RunScriptOnNode.Factory runScriptOnNodeFactory, InitAdminAccess initAdminAccess,
      PersistNodeCredentials persistNodeCredentials, Timeouts timeouts,
      @Named(Constants.PROPERTY_USER_THREADS) ListeningExecutorService userExecutor, AWSEC2Api client,
      ConcurrentMap<RegionAndName, KeyPair> credentialsMap,
      @Named("SECURITY") LoadingCache<RegionAndName, String> securityGroupMap,
      @Named("PLACEMENT") LoadingCache<RegionAndName, String> placementGroupMap,
      @Named("DELETED") Predicate<PlacementGroup> placementGroupDeleted, Optional<ImageExtension> imageExtension,
      GroupNamingConvention.Factory namingConvention,
      @Named(PROPERTY_EC2_GENERATE_INSTANCE_NAMES) boolean generateInstanceNames,
      Optional<SecurityGroupExtension> securityGroupExtension) {
   super(context, credentialStore, images, sizes, locations, listNodesStrategy, getImageStrategy,
         getNodeMetadataStrategy, runNodesAndAddToSetStrategy, rebootNodeStrategy, destroyNodeStrategy,
         startNodeStrategy, stopNodeStrategy, templateBuilderProvider, templateOptionsProvider, nodeRunning,
         nodeTerminated, nodeSuspended, initScriptRunnerFactory, runScriptOnNodeFactory, initAdminAccess,
         persistNodeCredentials, timeouts, userExecutor, client, credentialsMap, securityGroupMap, imageExtension,
         namingConvention, generateInstanceNames, securityGroupExtension);
   this.client = client;
   this.placementGroupMap = placementGroupMap;
   this.placementGroupDeleted = placementGroupDeleted;
}
 

@Inject
protected AWSRunningInstanceToNodeMetadata(Map<InstanceState, Status> instanceToNodeStatus,
      Map<String, Credentials> credentialStore, Supplier<LoadingCache<RegionAndName, ? extends Image>> imageMap,
      @Memoized Supplier<Set<? extends Location>> locations, @Memoized Supplier<Set<? extends Hardware>> hardware,
      GroupNamingConvention.Factory namingConvention) {
   super(instanceToNodeStatus, credentialStore, imageMap, locations, hardware, namingConvention);
}
 

@Inject
protected AWSEC2DestroyNodeStrategy(AWSEC2Api client, GetNodeMetadataStrategy getNode,
         @Named("ELASTICIP") LoadingCache<RegionAndName, String> elasticIpCache,
         Map<String, Credentials> credentialStore) {
   super(client, getNode, elasticIpCache);
   this.client = checkNotNull(client, "client");
   this.credentialStore = checkNotNull(credentialStore, "credentialStore");
}
 

private Set<Service> getServices(Credentials creds) throws Exception {
    BlobStoreContext tmpContext = BlobStoreContextFactoryImpl.INSTANCE.newBlobStoreContext(location);
    try {
        tmpContext.getBlobStore().list();
        LoadingCache<Credentials, Access> authCache = getAuthCache(tmpContext);
        Access tmpAccess = authCache.get(creds);
        return ImmutableSet.copyOf(tmpAccess);
    } finally {
        tmpContext.close();
    }

}
 

@Override
protected Supplier<Credentials> makeCredentials(ConfigBag conf) {
    Credentials credentials;
    String identity = null, credential = null, token = null;
    Date expiration = null;
    String provider = getProviderFromConfig(conf);
    String iamRoleName = getIamRoleNameFromConfig(conf);
    if ("aws-ec2".equals(provider)) {
        try {
            String instanceProfileUrl = AWS_SECURITY_CREDENTIAL_URL;
            JsonNode node = new ObjectMapper().readTree(new URL(instanceProfileUrl + "/" + iamRoleName));
            identity = node.path(ACCESS_KEY_ID).asText();
            credential = node.path(SECRET_ACCESS_KEY).asText();
            token = node.path(TOKEN).asText();
            expiration = new SimpleDateFormat(AWS_EXPIRATION_DATE_FORMAT).parse(node.path(EXPIRATION).asText());
        } catch (IOException | ParseException e) {
            Exceptions.propagate(e);
        }
    } else {
        throw new IllegalArgumentException("Provider " + provider + " does not support session credentials");
    }

    identity = checkNotNull(identity, "identity must not be null");
    credential = checkNotNull(credential, "credential must not be null");
    token = checkNotNull(token, "token must not be null");

    credentials = SessionCredentials.builder()
            .accessKeyId(identity)
            .credential(credential)
            .sessionToken(token)
            .expiration(expiration)
            .build();
    return () -> credentials;
}
 

@Override
protected Supplier<Credentials> makeCredentials(ConfigBag conf) {
    String identity = checkNotNull(conf.get(CloudLocationConfig.ACCESS_IDENTITY), "identity must not be null");
    String credential = checkNotNull(conf.get(CloudLocationConfig.ACCESS_CREDENTIAL), "credential must not be null");
    return () -> new Credentials.Builder<>()
            .identity(identity)
            .credential(credential)
            .build();
}
 

/**
 * Finds a node matching the properties given in config or throws an exception.
 * @param config
 * @return
 */
protected NodeMetadata findNodeOrThrow(ConfigBag config) {
    String user = checkNotNull(getUser(config), "user");
    String rawId = (String) config.getStringKey("id");
    String rawHostname = (String) config.getStringKey("hostname");
    Predicate<ComputeMetadata> predicate = getRebindToMachinePredicate(config);
    LOG.debug("Finding VM {} ({}@{}), in jclouds location for provider {} matching {}", new Object[]{
            rawId != null ? rawId : "<lookup>",
            user,
            rawHostname != null ? rawHostname : "<unspecified>",
            getProvider(),
            predicate
    });
    ComputeService computeService = getComputeService(config);
    Set<? extends NodeMetadata> candidateNodes = computeService.listNodesDetailsMatching(predicate);
    if (candidateNodes.isEmpty()) {
        throw new IllegalArgumentException("Jclouds node not found for rebind with predicate " + predicate);
    } else if (candidateNodes.size() > 1) {
        throw new IllegalArgumentException("Jclouds node for rebind matched multiple with " + predicate + ": " + candidateNodes);
    }
    NodeMetadata node = Iterables.getOnlyElement(candidateNodes);

    OsCredential osCredentials = LocationConfigUtils.getOsCredential(config).checkNoErrors().logAnyWarnings();
    String pkd = osCredentials.getPrivateKeyData();
    String password = osCredentials.getPassword();
    LoginCredentials expectedCredentials = node.getCredentials();
    if (Strings.isNonBlank(pkd)) {
        expectedCredentials = LoginCredentials.fromCredentials(new Credentials(user, pkd));
    } else if (Strings.isNonBlank(password)) {
        expectedCredentials = LoginCredentials.fromCredentials(new Credentials(user, password));
    } else if (expectedCredentials == null) {
        //need some kind of credential object, or will get NPE later
        expectedCredentials = LoginCredentials.fromCredentials(new Credentials(user, null));
    }
    node = NodeMetadataBuilder.fromNodeMetadata(node).credentials(expectedCredentials).build();

    return node;
}
 

/**
 *
 * @param credentials
 * @return
 * @throws InvalidCredentialsException
 */
public static GceContext validateCredentials(Credentials credentials) throws InvalidCredentialsException {
  try {
    GceContext context = new GceContext(credentials);
    GoogleComputeEngineApi gceApi = context.getGceApi();
    String projectName = gceApi.project().get().name();
    context.setProjectName(projectName);
    logger.info(String.format("Sucessfully Authenticated to project %s", projectName));
    return context;
  } catch (AuthorizationException e) {
    throw new InvalidCredentialsException("accountid:" + credentials.identity, e);
  }
}
 

/**
 *
 * @param jsonKeyPath
 * @return
 */
public static Credentials readCredentials(String jsonKeyPath) {
  Credentials credentials = null;
  if (jsonKeyPath != null && !jsonKeyPath.isEmpty()) {
    try {
      String fileContents = Files.toString(new File(jsonKeyPath), Charset.defaultCharset());
      Supplier<Credentials> credentialSupplier = new GoogleCredentialsFromJson(fileContents);
      credentials = credentialSupplier.get();
    } catch (IOException ex) {
      logger.error("Error Reading the Json key file. Please check the provided path is correct.", ex);
    }
  }
  return credentials;
}
 

public GceContext(Credentials credentials) {
  ComputeServiceContext context = ContextBuilder.newBuilder("google-compute-engine")
      .modules(Arrays.asList(
              new SshjSshClientModule(),
              new EnterpriseConfigurationModule(),
              new SLF4JLoggingModule()))
      .credentials(credentials.identity, credentials.credential)
      .buildView(ComputeServiceContext.class);
  computeService = context.getComputeService();
  gceApi = context.unwrapApi(GoogleComputeEngineApi.class);
  fireWallApi = gceApi.firewalls();
  networkApi = gceApi.networks();
  routeApi = gceApi.routes();
  this.credentials = credentials;
}
 

@Override
public String loadGceCredentialsIfExist() throws KaramelException {
  Confs confs = Confs.loadKaramelConfs();
  String path = confs.getProperty(Settings.GCE_JSON_KEY_FILE_PATH);
  if (path != null) {
    Credentials credentials = GceLauncher.readCredentials(path);
    if (credentials != null) {
      return path;
    }
  }

  return null;
}
 

@Test
public void testSessionCredentialSupplier() throws Exception {
    PowerMockito.mockStatic(CredentialsUtil.class);
    PowerMockito.when(CredentialsUtil.getAWSCredentialProvider(any())).thenReturn(new AWSCredentialsProvider() {
        @Override
        public AWSCredentials getCredentials() {
            return new AWSSessionCredentials() {
                @Override
                public String getSessionToken() {
                    return "token";
                }

                @Override
                public String getAWSAccessKeyId() {
                    return "access";
                }

                @Override
                public String getAWSSecretKey() {
                    return "secret";
                }
            };
        }

        @Override
        public void refresh() {

        }
    });

    Supplier<Credentials> creds = BlobStoreManagedLedgerOffloader.getCredentials("aws-s3", any());

    Assert.assertTrue(creds.get() instanceof SessionCredentials);
    SessionCredentials sessCreds = (SessionCredentials) creds.get();
    Assert.assertEquals(sessCreds.getAccessKeyId(), "access");
    Assert.assertEquals(sessCreds.getSecretAccessKey(), "secret");
    Assert.assertEquals(sessCreds.getSessionToken(), "token");
}
 

BlobStoreManagedLedgerOffloader(String driver, String container, OrderedScheduler scheduler,
                                int maxBlockSize, int readBufferSize,
                                String endpoint, String region, Supplier<Credentials> credentials,
                                Map<String, String> userMetadata) {
    this.offloadDriverName = driver;
    this.scheduler = scheduler;
    this.readBufferSize = readBufferSize;
    this.writeBucket = container;
    this.writeRegion = region;
    this.writeEndpoint = endpoint;
    this.maxBlockSize = maxBlockSize;
    this.userMetadata = userMetadata;
    this.credentials = credentials;

    if (!Strings.isNullOrEmpty(region)) {
        this.writeLocation = new LocationBuilder()
            .scope(LocationScope.REGION)
            .id(region)
            .description(region)
            .build();
    } else {
        this.writeLocation = null;
    }

    log.info("Constructor offload driver: {}, host: {}, container: {}, region: {} ",
        driver, endpoint, container, region);

    Pair<BlobStoreLocation, BlobStore> blobStore = createBlobStore(
        driver, region, endpoint, credentials, maxBlockSize
    );
    this.writeBlobStore = blobStore.getRight();
    this.readBlobStores.put(blobStore.getLeft(), blobStore.getRight());
}
 

public static BlobStoreManagedLedgerOffloader create(OffloadPolicies conf,
                                                     Map<String, String> userMetadata,
                                                     OrderedScheduler scheduler)
        throws IOException {
    offloadPolicies = conf;
    String driver = conf.getManagedLedgerOffloadDriver();
    if (!driverSupported(driver)) {
        throw new IOException(
            "Not support this kind of driver as offload backend: " + driver);
    }

    String endpoint = conf.getS3ManagedLedgerOffloadServiceEndpoint();
    String region = isS3Driver(driver) ?
        conf.getS3ManagedLedgerOffloadRegion() :
        conf.getGcsManagedLedgerOffloadRegion();
    String bucket = isS3Driver(driver) ?
        conf.getS3ManagedLedgerOffloadBucket() :
        conf.getGcsManagedLedgerOffloadBucket();
    int maxBlockSize = isS3Driver(driver) ?
        conf.getS3ManagedLedgerOffloadMaxBlockSizeInBytes() :
        conf.getGcsManagedLedgerOffloadMaxBlockSizeInBytes();
    int readBufferSize = isS3Driver(driver) ?
        conf.getS3ManagedLedgerOffloadReadBufferSizeInBytes() :
        conf.getGcsManagedLedgerOffloadReadBufferSizeInBytes();

    if (isS3Driver(driver) && Strings.isNullOrEmpty(region) && Strings.isNullOrEmpty(endpoint)) {
        throw new IOException(
                "Either s3ManagedLedgerOffloadRegion or s3ManagedLedgerOffloadServiceEndpoint must be set"
                + " if s3 offload enabled");
    }

    if (Strings.isNullOrEmpty(bucket)) {
        throw new IOException(
            "ManagedLedgerOffloadBucket cannot be empty for s3 and gcs offload");
    }
    if (maxBlockSize < 5*1024*1024) {
        throw new IOException(
            "ManagedLedgerOffloadMaxBlockSizeInBytes cannot be less than 5MB for s3 and gcs offload");
    }

    Supplier<Credentials> credentials = getCredentials(driver, conf);

    return new BlobStoreManagedLedgerOffloader(driver, bucket, scheduler,
        maxBlockSize, readBufferSize, endpoint, region, credentials, userMetadata);
}
 

public static Supplier<Credentials> getCredentials(String driver,
           OffloadPolicies conf) throws IOException {
    // credentials:
    //   for s3, get by DefaultAWSCredentialsProviderChain.
    //   for gcs, use downloaded file 'google_creds.json', which contains service account key by
    //     following instructions in page https://support.google.com/googleapi/answer/6158849

    if (isGcsDriver(driver)) {
        String gcsKeyPath = conf.getGcsManagedLedgerOffloadServiceAccountKeyFile();
        if (Strings.isNullOrEmpty(gcsKeyPath)) {
            throw new IOException(
                "The service account key path is empty for GCS driver");
        }
        try {
            String gcsKeyContent = Files.toString(new File(gcsKeyPath), Charset.defaultCharset());
            return () -> new GoogleCredentialsFromJson(gcsKeyContent).get();
        } catch (IOException ioe) {
            log.error("Cannot read GCS service account credentials file: {}", gcsKeyPath);
            throw new IOException(ioe);
        }
    } else if (isS3Driver(driver)) {
        AWSCredentialsProvider credsChain = CredentialsUtil.getAWSCredentialProvider(conf);
        // try and get creds before starting... if we can't fetch
        // creds on boot, we want to fail
        try {
            credsChain.getCredentials();
        } catch (Exception e) {
            // allowed, some mock s3 service not need credential
            log.error("unable to fetch S3 credentials for offloading, failing", e);
            throw e;
        }

        return () -> {
            AWSCredentials creds = credsChain.getCredentials();
            if (creds == null) {
                // we don't expect this to happen, as we
                // successfully fetched creds on boot
                throw new RuntimeException("Unable to fetch S3 credentials after start, unexpected!");
            }
            // if we have session credentials, we need to send the session token
            // this allows us to support EC2 metadata credentials
            if (creds instanceof AWSSessionCredentials) {
                return SessionCredentials.builder()
                        .accessKeyId(creds.getAWSAccessKeyId())
                        .secretAccessKey(creds.getAWSSecretKey())
                        .sessionToken(((AWSSessionCredentials) creds).getSessionToken())
                        .build();
            } else {
                return new Credentials(creds.getAWSAccessKeyId(), creds.getAWSSecretKey());
            }
        };
    } else {
        throw new IOException(
            "Not support this kind of driver: " + driver);
    }
}
 

BlobStoreManagedLedgerOffloader(String driver, String container, OrderedScheduler scheduler,
                                int maxBlockSize, int readBufferSize, String endpoint, String region, Supplier<Credentials> credentials) {
    this(driver, container, scheduler, maxBlockSize, readBufferSize, endpoint, region, credentials, Maps.newHashMap());
}
 

protected AWSRunningInstanceToNodeMetadata createNodeParser(final ImmutableSet<Hardware> hardware,
         final ImmutableSet<Location> locations, Set<org.jclouds.compute.domain.Image> images,
         Map<String, Credentials> credentialStore) {
   Map<InstanceState, Status> instanceToNodeStatus = EC2ComputeServiceDependenciesModule.toPortableNodeStatus;

   final Map<RegionAndName, ? extends Image> backing = ImagesToRegionAndIdMap.imagesToMap(images);

   LoadingCache<RegionAndName, Image> instanceToImage = CacheBuilder.newBuilder().build(new CacheLoader<RegionAndName, Image>() {
 
      @Override
      public Image load(RegionAndName key) throws Exception {
         return backing.get(key);
      }
      
   });
         
       
   return createNodeParser(hardware, locations, credentialStore, instanceToNodeStatus, instanceToImage);
}
 

@Test
public void test2Nodes() {

   AWSRunningInstanceToNodeMetadata parser = createNodeParser(ImmutableSet.<Hardware> of(), ImmutableSet
            .<Location> of(), ImmutableSet.<Image> of(), ImmutableMap.<String, Credentials> of());

   ImmutableSet<AWSRunningInstance> contents = ImmutableSet.of(new AWSRunningInstance.Builder()
            .region(defaultRegion)
            .instanceId("i-911444f0")
            .imageId("ami-63be790a")
            .instanceState(InstanceState.RUNNING)
            .rawState("running")
            .privateDnsName("ip-10-212-81-7.ec2.internal")
            .dnsName("ec2-174-129-173-155.compute-1.amazonaws.com")
            .keyName("jclouds#zkclustertest#23")
            .amiLaunchIndex("0")
            .instanceType("t1.micro")
            .launchTime(dateService.iso8601DateParse("2011-08-16T13:40:50.000Z"))
            .availabilityZone("us-east-1c")
            .kernelId("aki-427d952b")
            .monitoringState(MonitoringState.DISABLED)
            .privateIpAddress("10.212.81.7")
            .ipAddress("174.129.173.155")
            .securityGroupIdToNames(ImmutableMap.<String, String> of("sg-ef052b86", "jclouds#zkclustertest"))
            .rootDeviceType(RootDeviceType.EBS)
            .rootDeviceName("/dev/sda1")
            .device("/dev/sda1", new BlockDevice("vol-5829fc32", Attachment.Status.ATTACHED, dateService.iso8601DateParse("2011-08-16T13:41:19.000Z"), true))
            .virtualizationType("paravirtual")
            .tag("Name", "foo")
            .tag("Empty", "")
            .hypervisor(Hypervisor.XEN)
            .build(),
            new AWSRunningInstance.Builder()
                     .region(defaultRegion)
                     .instanceId("i-931444f2")
                     .imageId("ami-63be790a")
                     .instanceState(InstanceState.RUNNING)
                     .rawState("running")
                     .privateDnsName("ip-10-212-185-8.ec2.internal")
                     .dnsName("ec2-50-19-207-248.compute-1.amazonaws.com")
                     .keyName("jclouds#zkclustertest#23")
                     .amiLaunchIndex("0")
                     .instanceType("t1.micro")
                     .launchTime(dateService.iso8601DateParse("2011-08-16T13:40:50.000Z"))
                     .availabilityZone("us-east-1c")
                     .kernelId("aki-427d952b")
                     .monitoringState(MonitoringState.DISABLED)
                     .privateIpAddress("10.212.185.8")
                     .ipAddress("50.19.207.248")
                     .securityGroupIdToNames(ImmutableMap.<String, String>of("sg-ef052b86", "jclouds#zkclustertest"))
                     .rootDeviceType(RootDeviceType.EBS)
                     .rootDeviceName("/dev/sda1")
                     .device("/dev/sda1", new BlockDevice("vol-5029fc3a", Attachment.Status.ATTACHED, dateService.iso8601DateParse("2011-08-16T13:41:19.000Z"), true))
                     .virtualizationType("paravirtual")
                     .hypervisor(Hypervisor.XEN)
                     .build());

   assertEquals(
         parser.apply(Iterables.get(contents, 0)).toString(),
         new NodeMetadataBuilder()
               .status(Status.RUNNING)
               .backendStatus("running")
               .group("zkclustertest")
               .name("foo")
               .hostname("ip-10-212-81-7")
               .privateAddresses(ImmutableSet.of("10.212.81.7"))
               .publicAddresses(ImmutableSet.of("174.129.173.155"))
               .imageId("us-east-1/ami-63be790a")
               .id("us-east-1/i-911444f0")
               .providerId("i-911444f0")
               .tags(ImmutableSet.of("Empty"))
               .userMetadata(ImmutableMap.of("Name", "foo")).build().toString());
   assertEquals(
           parser.apply(Iterables.get(contents, 1)).toString(), 
           new NodeMetadataBuilder()
               .status(Status.RUNNING)
               .backendStatus("running")
               .group("zkclustertest")
               .hostname("ip-10-212-185-8")
               .privateAddresses(ImmutableSet.of("10.212.185.8"))
               .publicAddresses(ImmutableSet.of("50.19.207.248"))
               .imageId("us-east-1/ami-63be790a")
               .id("us-east-1/i-931444f2")
               .providerId("i-931444f2")
               .build().toString());
}
 

@Inject
protected CachePeeker(LoadingCache<Credentials, Access> authenticationResponseCache) {
   this.authenticationResponseCache = authenticationResponseCache;
}
 

public Credentials getCredentials() {
  return credentials;
}
 

private LoadingCache<Credentials, Access> getAuthCache(BlobStoreContext context) {
    return context.utils().injector().getInstance(CachePeeker.class).authenticationResponseCache;
}