software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider Java Examples

The following examples show how to use software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AsyncResponseTransformerIntegrationTest.java    From aws-sdk-java-v2 with Apache License 2.0 6 votes vote down vote up
@Test
public void AsyncResponseTransformerPrepareCalled_BeforeCredentailsResolution() {
    S3AsyncClient client = S3AsyncClient.builder()
                                        .credentialsProvider(AwsCredentialsProviderChain.of(
                                            ProfileCredentialsProvider.create("dummyprofile")))
                                        .build();

    try {
        client.getObject(b -> b.bucket("dummy").key("key"), asyncResponseTransformer).join();
        fail("Expected an exception during credential resolution");
    } catch (Throwable t) {

    }

    verify(asyncResponseTransformer, times(1)).prepare();
    verify(asyncResponseTransformer, times(1)).exceptionOccurred(any());
}
 
Example #2
Source File: AwsModule.java    From beam with Apache License 2.0 5 votes vote down vote up
@Override
public AwsCredentialsProvider deserializeWithType(
    JsonParser jsonParser, DeserializationContext context, TypeDeserializer typeDeserializer)
    throws IOException {
  Map<String, String> asMap =
      jsonParser.readValueAs(new TypeReference<Map<String, String>>() {});

  String typeNameKey = typeDeserializer.getPropertyName();
  String typeName = asMap.get(typeNameKey);
  if (typeName == null) {
    throw new IOException(
        String.format("AWS credentials provider type name key '%s' not found", typeNameKey));
  }

  if (typeName.equals(StaticCredentialsProvider.class.getSimpleName())) {
    return StaticCredentialsProvider.create(
        AwsBasicCredentials.create(asMap.get(ACCESS_KEY_ID), asMap.get(SECRET_ACCESS_KEY)));
  } else if (typeName.equals(DefaultCredentialsProvider.class.getSimpleName())) {
    return DefaultCredentialsProvider.create();
  } else if (typeName.equals(EnvironmentVariableCredentialsProvider.class.getSimpleName())) {
    return EnvironmentVariableCredentialsProvider.create();
  } else if (typeName.equals(SystemPropertyCredentialsProvider.class.getSimpleName())) {
    return SystemPropertyCredentialsProvider.create();
  } else if (typeName.equals(ProfileCredentialsProvider.class.getSimpleName())) {
    return ProfileCredentialsProvider.create();
  } else if (typeName.equals(ContainerCredentialsProvider.class.getSimpleName())) {
    return ContainerCredentialsProvider.builder().build();
  } else {
    throw new IOException(
        String.format("AWS credential provider type '%s' is not supported", typeName));
  }
}
 
Example #3
Source File: AwsModuleTest.java    From beam with Apache License 2.0 5 votes vote down vote up
@Test
public void testAwsCredentialsProviderSerializationDeserialization() throws Exception {
  AwsCredentialsProvider credentialsProvider = DefaultCredentialsProvider.create();
  String serializedCredentialsProvider = objectMapper.writeValueAsString(credentialsProvider);
  AwsCredentialsProvider deserializedCredentialsProvider =
      objectMapper.readValue(serializedCredentialsProvider, DefaultCredentialsProvider.class);
  assertEquals(credentialsProvider.getClass(), deserializedCredentialsProvider.getClass());

  credentialsProvider = EnvironmentVariableCredentialsProvider.create();
  serializedCredentialsProvider = objectMapper.writeValueAsString(credentialsProvider);
  deserializedCredentialsProvider =
      objectMapper.readValue(serializedCredentialsProvider, AwsCredentialsProvider.class);
  assertEquals(credentialsProvider.getClass(), deserializedCredentialsProvider.getClass());

  credentialsProvider = SystemPropertyCredentialsProvider.create();
  serializedCredentialsProvider = objectMapper.writeValueAsString(credentialsProvider);
  deserializedCredentialsProvider =
      objectMapper.readValue(serializedCredentialsProvider, AwsCredentialsProvider.class);
  assertEquals(credentialsProvider.getClass(), deserializedCredentialsProvider.getClass());

  credentialsProvider = ProfileCredentialsProvider.create();
  serializedCredentialsProvider = objectMapper.writeValueAsString(credentialsProvider);
  deserializedCredentialsProvider =
      objectMapper.readValue(serializedCredentialsProvider, AwsCredentialsProvider.class);
  assertEquals(credentialsProvider.getClass(), deserializedCredentialsProvider.getClass());

  credentialsProvider = ContainerCredentialsProvider.builder().build();
  serializedCredentialsProvider = objectMapper.writeValueAsString(credentialsProvider);
  deserializedCredentialsProvider =
      objectMapper.readValue(serializedCredentialsProvider, AwsCredentialsProvider.class);
  assertEquals(credentialsProvider.getClass(), deserializedCredentialsProvider.getClass());
}
 
Example #4
Source File: S3RandomAccessFile.java    From netcdf-java with BSD 3-Clause "New" or "Revised" License 4 votes vote down vote up
private S3RandomAccessFile(String url) throws IOException {
  super(url, s3BufferSize, s3MaxReadCacheSize);

  // Region is tricky. Since we are using AWS SDK to manage connections to all object stores, we might have users
  // who use netCDF-Java and never touch AWS. If that's they case, they likely have not setup a basic credentials or
  // configuration file, and thus lack a default region. What we will do here is check to see if there is one set.
  // If, by the time we make the client, profileRegion isn't set, we will default to the AWS_GLOBAL region, which is
  // like a no-op region when it comes to S3. This will allow requests to non-AWS-S3 object stores to work, because
  // a region must be set, even if it's useless.
  Optional<Region> profileRegion = ProfileFile.defaultProfileFile().profile("default")
      .map(p -> p.properties().get(ProfileProperty.REGION)).map(Region::of);

  try {
    uri = new CdmS3Uri(url);
  } catch (URISyntaxException urie) {
    // If we are given a string that is not a valid CdmS3Uri
    // throw an IOException
    throw new IOException(urie.getCause());
  }

  Builder httpConfig = ApacheHttpClient.builder().maxConnections(maxConnections)
      .connectionTimeout(Duration.ofMillis(connectionTimeout)).socketTimeout(Duration.ofMillis(socketTimeout));

  S3ClientBuilder s3ClientBuilder = S3Client.builder().httpClientBuilder(httpConfig);

  // if we are accessing an S3 compatible service, we need to override the server endpoint
  uri.getEndpoint().ifPresent(s3ClientBuilder::endpointOverride);

  // build up a chain of credentials providers
  AwsCredentialsProviderChain.Builder cdmCredentialsProviderChainBuilder = AwsCredentialsProviderChain.builder();

  // if uri has a profile name, we need setup a credentials provider to look for potential credentials, and see if a
  // region has been set
  if (uri.getProfile().isPresent()) {
    // get the profile name
    String profileName = uri.getProfile().get();

    ProfileCredentialsProvider namedProfileCredentials =
        ProfileCredentialsProvider.builder().profileName(profileName).build();

    // add it to the chain that it is the first thing checked for credentials
    cdmCredentialsProviderChainBuilder.addCredentialsProvider(namedProfileCredentials);

    // Read the region associated with the profile, if set
    // Note: the java sdk does not do this by default
    Optional<Region> namedProfileRegion = ProfileFile.defaultProfileFile().profile(profileName)
        .map(p -> p.properties().get(ProfileProperty.REGION)).map(Region::of);
    // if the named profile has a region, update profileRegion to use it.
    if (namedProfileRegion.isPresent()) {
      profileRegion = namedProfileRegion;
    }
  }

  // Add the Default Credentials Provider Chain:
  // https://docs.aws.amazon.com/sdk-for-java/v2/developer-guide/credentials.html
  cdmCredentialsProviderChainBuilder.addCredentialsProvider(DefaultCredentialsProvider.create());

  // Add the AnonymousCredentialsProvider last
  cdmCredentialsProviderChainBuilder.addCredentialsProvider(AnonymousCredentialsProvider.create());

  // build the credentials provider that we'll use
  AwsCredentialsProviderChain cdmCredentialsProviderChain = cdmCredentialsProviderChainBuilder.build();

  // Add the credentials provider to the client builder
  s3ClientBuilder.credentialsProvider(cdmCredentialsProviderChain);

  // Set the region for the client builder (default to AWS_GLOBAL)
  s3ClientBuilder.region(profileRegion.orElse(Region.AWS_GLOBAL));

  // Build the client
  client = s3ClientBuilder.build();

  // request HEAD for the object
  HeadObjectRequest headdObjectRequest =
      HeadObjectRequest.builder().bucket(uri.getBucket()).key(uri.getKey()).build();

  objectHeadResponse = client.headObject(headdObjectRequest);
}