Skip to content

Commit

Permalink
feat: reuse provider name in chainable providers
Browse files Browse the repository at this point in the history
  • Loading branch information
yndu13 committed Nov 11, 2024
1 parent 1170807 commit 115dc39
Show file tree
Hide file tree
Showing 10 changed files with 115 additions and 13 deletions.
2 changes: 1 addition & 1 deletion credentials/internal/http/http.go
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ func Do(req *Request) (res *Response, err error) {
httpClient := &http.Client{}

if req.ReadTimeout != 0 {
httpClient.Timeout = req.ReadTimeout
httpClient.Timeout = req.ReadTimeout + req.ConnectTimeout
}

transport := &http.Transport{}
Expand Down
7 changes: 6 additions & 1 deletion credentials/providers/cli_profile.go
Original file line number Diff line number Diff line change
Expand Up @@ -210,11 +210,16 @@ func (provider *CLIProfileCredentialsProvider) GetCredentials() (cc *Credentials
return
}

providerName := innerCC.ProviderName
if providerName == "" {
providerName = provider.innerProvider.GetProviderName()
}

cc = &Credentials{
AccessKeyId: innerCC.AccessKeyId,
AccessKeySecret: innerCC.AccessKeySecret,
SecurityToken: innerCC.SecurityToken,
ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), provider.innerProvider.GetProviderName()),
ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), providerName),
}

return
Expand Down
19 changes: 19 additions & 0 deletions credentials/providers/cli_profile_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import (
"strings"
"testing"

httputil "github.com/aliyun/credentials-go/credentials/internal/http"
"github.com/aliyun/credentials-go/credentials/internal/utils"
"github.com/stretchr/testify/assert"
)
Expand Down Expand Up @@ -188,6 +189,8 @@ func TestCLIProfileCredentialsProvider_getCredentialsProvider(t *testing.T) {
}

func TestCLIProfileCredentialsProvider_GetCredentials(t *testing.T) {
originHttpDo := httpDo
defer func() { httpDo = originHttpDo }()
defer func() {
getHomePath = utils.GetHomePath
}()
Expand Down Expand Up @@ -230,4 +233,20 @@ func TestCLIProfileCredentialsProvider_GetCredentials(t *testing.T) {
assert.Nil(t, err)
_, err = provider.GetCredentials()
assert.Contains(t, err.Error(), "InvalidAccessKeyId.NotFound")

httpDo = func(req *httputil.Request) (res *httputil.Response, err error) {
res = &httputil.Response{
StatusCode: 200,
Body: []byte(`{"Credentials": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","Expiration":"2021-10-20T04:27:09Z","SecurityToken":"ststoken"}}`),
}
return
}
provider, err = NewCLIProfileCredentialsProviderBuilder().WithProfileName("ChainableRamRoleArn").Build()
assert.Nil(t, err)
cc, err = provider.GetCredentials()
assert.Nil(t, err)
assert.Equal(t, "akid", cc.AccessKeyId)
assert.Equal(t, "aksecret", cc.AccessKeySecret)
assert.Equal(t, "ststoken", cc.SecurityToken)
assert.Equal(t, "cli_profile/ram_role_arn/ram_role_arn/static_ak", cc.ProviderName)
}
13 changes: 11 additions & 2 deletions credentials/providers/default.go
Original file line number Diff line number Diff line change
Expand Up @@ -64,11 +64,16 @@ func (provider *DefaultCredentialsProvider) GetCredentials() (cc *Credentials, e
return
}

providerName := inner.ProviderName
if providerName == "" {
providerName = provider.lastUsedProvider.GetProviderName()
}

cc = &Credentials{
AccessKeyId: inner.AccessKeyId,
AccessKeySecret: inner.AccessKeySecret,
SecurityToken: inner.SecurityToken,
ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), provider.lastUsedProvider.GetProviderName()),
ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), providerName),
}
return
}
Expand All @@ -84,11 +89,15 @@ func (provider *DefaultCredentialsProvider) GetCredentials() (cc *Credentials, e
}

if inner != nil {
providerName := inner.ProviderName
if providerName == "" {
providerName = p.GetProviderName()
}
cc = &Credentials{
AccessKeyId: inner.AccessKeyId,
AccessKeySecret: inner.AccessKeySecret,
SecurityToken: inner.SecurityToken,
ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), p.GetProviderName()),
ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), providerName),
}
return
}
Expand Down
26 changes: 25 additions & 1 deletion credentials/providers/default_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,10 @@ package providers

import (
"os"
"path"
"testing"

httputil "github.com/aliyun/credentials-go/credentials/internal/http"
"github.com/aliyun/credentials-go/credentials/internal/utils"
"github.com/stretchr/testify/assert"
)
Expand Down Expand Up @@ -102,12 +104,15 @@ func TestDefaultCredentialsProvider_GetCredentials(t *testing.T) {
rollback := utils.Memory("ALIBABA_CLOUD_ACCESS_KEY_ID",
"ALIBABA_CLOUD_ACCESS_KEY_SECRET",
"ALIBABA_CLOUD_SECURITY_TOKEN",
"ALIBABA_CLOUD_ECS_METADATA_DISABLED")
"ALIBABA_CLOUD_ECS_METADATA_DISABLED",
"ALIBABA_CLOUD_PROFILE")

defer func() {
getHomePath = utils.GetHomePath
rollback()
}()
originHttpDo := httpDo
defer func() { httpDo = originHttpDo }()

// testcase: empty home
getHomePath = func() string {
Expand All @@ -131,4 +136,23 @@ func TestDefaultCredentialsProvider_GetCredentials(t *testing.T) {
cc, err = provider.GetCredentials()
assert.Nil(t, err)
assert.Equal(t, &Credentials{AccessKeyId: "akid", AccessKeySecret: "aksecret", SecurityToken: "", ProviderName: "default/env"}, cc)

getHomePath = func() string {
wd, _ := os.Getwd()
return path.Join(wd, "fixtures")
}
os.Setenv("ALIBABA_CLOUD_ACCESS_KEY_ID", "")
os.Setenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET", "")
os.Setenv("ALIBABA_CLOUD_PROFILE", "ChainableRamRoleArn")
httpDo = func(req *httputil.Request) (res *httputil.Response, err error) {
res = &httputil.Response{
StatusCode: 200,
Body: []byte(`{"Credentials": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","Expiration":"2021-10-20T04:27:09Z","SecurityToken":"ststoken"}}`),
}
return
}
provider = NewDefaultCredentialsProvider()
cc, err = provider.GetCredentials()
assert.Nil(t, err)
assert.Equal(t, &Credentials{AccessKeyId: "akid", AccessKeySecret: "aksecret", SecurityToken: "ststoken", ProviderName: "default/cli_profile/ram_role_arn/ram_role_arn/static_ak"}, cc)
}
8 changes: 7 additions & 1 deletion credentials/providers/fixtures/.aliyun/config.json
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,13 @@
{
"name": "ChainableRamRoleArn",
"mode": "ChainableRamRoleArn",
"source_profile": "ChainableRamRoleArn"
"ram_role_arn": "arn",
"source_profile": "RamRoleArn"
},
{
"name": "ChainableRamRoleArn1",
"mode": "ChainableRamRoleArn",
"source_profile": "AK"
},
{
"name": "ChainableRamRoleArn2",
Expand Down
7 changes: 6 additions & 1 deletion credentials/providers/profile.go
Original file line number Diff line number Diff line change
Expand Up @@ -149,11 +149,16 @@ func (provider *ProfileCredentialsProvider) GetCredentials() (cc *Credentials, e
return
}

providerName := innerCC.ProviderName
if providerName == "" {
providerName = provider.innerProvider.GetProviderName()
}

cc = &Credentials{
AccessKeyId: innerCC.AccessKeyId,
AccessKeySecret: innerCC.AccessKeySecret,
SecurityToken: innerCC.SecurityToken,
ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), provider.innerProvider.GetProviderName()),
ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), providerName),
}

return
Expand Down
19 changes: 19 additions & 0 deletions credentials/providers/profile_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import (
"path"
"testing"

httputil "github.com/aliyun/credentials-go/credentials/internal/http"
"github.com/aliyun/credentials-go/credentials/internal/utils"
"github.com/stretchr/testify/assert"
"gopkg.in/ini.v1"
Expand Down Expand Up @@ -195,6 +196,8 @@ func TestProfileCredentialsProvider_getCredentialsProvider(t *testing.T) {
}

func TestProfileCredentialsProviderGetCredentials(t *testing.T) {
originHttpDo := httpDo
defer func() { httpDo = originHttpDo }()
rollback := utils.Memory("ALIBABA_CLOUD_CREDENTIALS_FILE")
defer func() {
getHomePath = utils.GetHomePath
Expand Down Expand Up @@ -249,4 +252,20 @@ func TestProfileCredentialsProviderGetCredentials(t *testing.T) {
cc, err = provider.GetCredentials()
assert.Nil(t, err)
assert.Equal(t, &Credentials{AccessKeyId: "foo", AccessKeySecret: "bar", SecurityToken: "", ProviderName: "profile/static_ak"}, cc)

httpDo = func(req *httputil.Request) (res *httputil.Response, err error) {
res = &httputil.Response{
StatusCode: 200,
Body: []byte(`{"Credentials": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","Expiration":"2021-10-20T04:27:09Z","SecurityToken":"ststoken"}}`),
}
return
}
provider, err = NewProfileCredentialsProviderBuilder().WithProfileName("ram").Build()
assert.Nil(t, err)
cc, err = provider.GetCredentials()
assert.Nil(t, err)
assert.Equal(t, "akid", cc.AccessKeyId)
assert.Equal(t, "aksecret", cc.AccessKeySecret)
assert.Equal(t, "ststoken", cc.SecurityToken)
assert.Equal(t, "profile/ram_role_arn/static_ak", cc.ProviderName)
}
10 changes: 6 additions & 4 deletions credentials/providers/ram_role_arn.go
Original file line number Diff line number Diff line change
Expand Up @@ -65,9 +65,10 @@ type RAMRoleARNCredentialsProvider struct {
// for http options
httpOptions *HttpOptions
// inner
expirationTimestamp int64
lastUpdateTimestamp int64
sessionCredentials *sessionCredentials
expirationTimestamp int64
lastUpdateTimestamp int64
previousProviderName string
sessionCredentials *sessionCredentials
}

type RAMRoleARNCredentialsProviderBuilder struct {
Expand Down Expand Up @@ -356,14 +357,15 @@ func (provider *RAMRoleARNCredentialsProvider) GetCredentials() (cc *Credentials

provider.expirationTimestamp = expirationTime.Unix()
provider.lastUpdateTimestamp = time.Now().Unix()
provider.previousProviderName = previousCredentials.ProviderName
provider.sessionCredentials = sessionCredentials
}

cc = &Credentials{
AccessKeyId: provider.sessionCredentials.AccessKeyId,
AccessKeySecret: provider.sessionCredentials.AccessKeySecret,
SecurityToken: provider.sessionCredentials.SecurityToken,
ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), provider.credentialsProvider.GetProviderName()),
ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), provider.previousProviderName),
}
return
}
Expand Down
17 changes: 15 additions & 2 deletions credentials/providers/ram_role_arn_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@ package providers

import (
"errors"
"fmt"
"os"
"strings"
"testing"
Expand Down Expand Up @@ -142,7 +141,6 @@ func TestNewRAMRoleARNCredentialsProvider(t *testing.T) {
WithDurationSeconds(1000).
Build()
assert.Nil(t, err)
fmt.Println(p.credentialsProvider)
cre, err := p.credentialsProvider.GetCredentials()
assert.Nil(t, err)
assert.Equal(t, "ak", cre.AccessKeyId)
Expand Down Expand Up @@ -398,6 +396,21 @@ func TestRAMRoleARNCredentialsProviderGetCredentials(t *testing.T) {
assert.Equal(t, "ststoken", cc.SecurityToken)
assert.Equal(t, "ram_role_arn/static_ak", cc.ProviderName)
assert.True(t, p.needUpdateCredential())

pp, err := NewRAMRoleARNCredentialsProviderBuilder().
WithCredentialsProvider(p).
WithRoleArn("roleArn").
WithRoleSessionName("rsn").
WithDurationSeconds(1000).
Build()
assert.Nil(t, err)
cc, err = pp.GetCredentials()
assert.Nil(t, err)
assert.Equal(t, "akid", cc.AccessKeyId)
assert.Equal(t, "aksecret", cc.AccessKeySecret)
assert.Equal(t, "ststoken", cc.SecurityToken)
assert.True(t, pp.needUpdateCredential())
assert.Equal(t, "ram_role_arn/ram_role_arn/static_ak", cc.ProviderName)
}

func TestRAMRoleARNCredentialsProviderGetCredentialsWithError(t *testing.T) {
Expand Down

0 comments on commit 115dc39

Please sign in to comment.