Example usage for com.amazonaws.auth BasicSessionCredentials BasicSessionCredentials

List of usage examples for com.amazonaws.auth BasicSessionCredentials BasicSessionCredentials

Introduction

In this page you can find the example usage for com.amazonaws.auth BasicSessionCredentials BasicSessionCredentials.

Prototype

public BasicSessionCredentials(String awsAccessKey, String awsSecretKey, String sessionToken) 

Source Link

Usage

From source file:com.rmn.qa.aws.AwsVmManager.java

License:Open Source License

/**
 * Retrieves AWS {@link com.amazonaws.auth.BasicAWSCredentials credentials} from the configuration file.
 *
 * @return/*from  ww w . j  a va 2s. c  om*/
 */
@VisibleForTesting
AWSCredentials getCredentials() {
    Properties awsProperties = getAwsProperties();
    // Give the system property credentials precedence over ones found in the config file
    String accessKey = System.getProperty(AutomationConstants.AWS_ACCESS_KEY);
    if (accessKey == null) {
        accessKey = awsProperties.getProperty(AutomationConstants.AWS_ACCESS_KEY);
        if (accessKey == null) {
            throw new IllegalArgumentException(String.format(
                    "AWS Access Key must be passed in by the [%s] system property or be present in the AWS config file",
                    AutomationConstants.AWS_ACCESS_KEY));
        }
    }

    String privateKey = System.getProperty(AutomationConstants.AWS_PRIVATE_KEY);
    if (privateKey == null) {
        privateKey = awsProperties.getProperty(AutomationConstants.AWS_PRIVATE_KEY);
        if (privateKey == null) {
            throw new IllegalArgumentException(String.format(
                    "AWS Private Key must be passed in by the [%s] system property or be present in the AWS config file",
                    AutomationConstants.AWS_PRIVATE_KEY));
        }
    }

    // Token is not required, so do not throw an exception if it is not present
    String token = System.getProperty(AutomationConstants.AWS_TOKEN);
    if (token == null) {
        token = awsProperties.getProperty(AutomationConstants.AWS_TOKEN);
    }

    return new BasicSessionCredentials(accessKey, privateKey, token);
}

From source file:com.upplication.s3fs.S3FileSystemProvider.java

License:Open Source License

protected S3FileSystem createFileSystem0(URI uri, Object accessKey, Object secretKey, Object sessionToken) {
    AmazonS3Client client;//from   w ww .  j  ava2  s. c  o m
    ClientConfiguration config = createClientConfig(props);

    if (accessKey == null && secretKey == null) {
        client = new AmazonS3Client(new com.amazonaws.services.s3.AmazonS3Client(config));
    } else {

        AWSCredentials credentials = (sessionToken == null
                ? new BasicAWSCredentials(accessKey.toString(), secretKey.toString())
                : new BasicSessionCredentials(accessKey.toString(), secretKey.toString(),
                        sessionToken.toString()));
        client = new AmazonS3Client(new com.amazonaws.services.s3.AmazonS3Client(credentials, config));
    }

    // note: path style access is going to be deprecated
    // https://aws.amazon.com/blogs/aws/amazon-s3-path-deprecation-plan-the-rest-of-the-story/
    boolean usePathStyle = "true".equals(props.getProperty("s_3_path_style_access"))
            || "true".equals(props.getProperty("s3_path_style_access"));
    if (usePathStyle) {
        S3ClientOptions options = S3ClientOptions.builder().setPathStyleAccess(usePathStyle).build();
        client.client.setS3ClientOptions(options);
    }

    if (uri.getHost() != null) {
        client.setEndpoint(uri.getHost());
    } else if (props.getProperty("endpoint") != null) {
        client.setEndpoint(props.getProperty("endpoint"));
    } else if (props.getProperty("region") != null) {
        client.setRegion(props.getProperty("region"));
    }

    S3FileSystem result = new S3FileSystem(this, client, uri.getHost());
    return result;
}

From source file:com.yahoo.athenz.instance.provider.impl.InstanceAWSProvider.java

License:Apache License

AWSSecurityTokenServiceClient getInstanceClient(AWSAttestationData info) {

    String access = info.getAccess();
    if (access == null || access.isEmpty()) {
        LOGGER.error("getInstanceClient: No access key id available in instance document");
        return null;
    }//  w  w w.j a va2 s .  c o m

    String secret = info.getSecret();
    if (secret == null || secret.isEmpty()) {
        LOGGER.error("getInstanceClient: No secret access key available in instance document");
        return null;
    }

    String token = info.getToken();
    if (token == null || token.isEmpty()) {
        LOGGER.error("getInstanceClient: No token available in instance document");
        return null;
    }

    BasicSessionCredentials creds = new BasicSessionCredentials(access, secret, token);
    return new AWSSecurityTokenServiceClient(creds);
}

From source file:com.yahoo.athenz.zts.AWSCredentialsProviderImpl.java

License:Apache License

@Override
public void refresh() {
    try {/*from   w  w  w.j  av a 2 s .c  o  m*/
        AWSTemporaryCredentials creds = ztsClient.getAWSTemporaryCredentials(domainName, roleName);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Refresh: Credentials with id: {} and expiration {} were fetched", creds.getAccessKeyId(),
                    creds.getExpiration());
        }

        this.credentials = new BasicSessionCredentials(creds.getAccessKeyId(), creds.getSecretAccessKey(),
                creds.getSessionToken());

    } catch (ZTSClientException ex) {
        credentials = null;
        LOG.error("Refresh: Failed to get the AWS temporary credentials from ZTS: {}", ex.getMessage());
    } catch (Exception ex) {
        credentials = null;
        LOG.error("Refresh: Failed to refresh credentials: {}", ex.getMessage());
    }
}

From source file:com.yahoo.athenz.zts.store.CloudStore.java

License:Apache License

boolean fetchRoleCredentials() {

    // verify that we have a valid awsRole already retrieved

    if (awsRole == null || awsRole.isEmpty()) {
        LOGGER.error("CloudStore: awsRole is not avaialble to fetch role credentials");
        return false;
    }/*from   w  w  w  .jav  a2  s.c o m*/

    String creds = getMetaData("/meta-data/iam/security-credentials/" + awsRole);
    if (creds == null) {
        return false;
    }

    Struct credsStruct = null;
    try {
        credsStruct = JSON.fromString(creds, Struct.class);
    } catch (Exception ex) {
        LOGGER.error("CloudStore: unable to parse role credentials data: " + ex.getMessage());
    }

    if (credsStruct == null) {
        LOGGER.error("CloudStore: unable to parse role credentials data: " + creds);
        return false;
    }

    String accessKeyId = credsStruct.getString("AccessKeyId");
    String secretAccessKey = credsStruct.getString("SecretAccessKey");
    String token = credsStruct.getString("Token");

    if (LOGGER.isDebugEnabled()) {
        LOGGER.debug("CloudStore: access key id: " + accessKeyId);
        LOGGER.debug("CloudStore: secret access key: " + secretAccessKey);
    }

    try {
        credentials = new BasicSessionCredentials(accessKeyId, secretAccessKey, token);
    } catch (Exception ex) {
        LOGGER.error("CloudStore: unable to generate session credentials from: " + creds + ", error: "
                + ex.getMessage());
        return false;
    }

    return true;
}

From source file:de.taimos.pipeline.aws.AWSClientFactory.java

License:Apache License

private static AWSCredentialsProvider handleStaticCredentials(EnvVars vars) {
    String accessKey = vars.get(AWS_ACCESS_KEY_ID);
    String secretAccessKey = vars.get(AWS_SECRET_ACCESS_KEY);
    if (accessKey != null && secretAccessKey != null) {
        String sessionToken = vars.get(AWS_SESSION_TOKEN);
        if (sessionToken != null) {
            return new AWSStaticCredentialsProvider(
                    new BasicSessionCredentials(accessKey, secretAccessKey, sessionToken));
        }//from   w  w  w. j  a va2  s .c  o m
        return new AWSStaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretAccessKey));
    }
    return null;
}

From source file:fi.yle.tools.aws.maven.SimpleStorageServiceWagon.java

License:Apache License

protected BasicSessionCredentials getAssumedCredentialsIfRequested(
        AuthenticationInfoAWSCredentialsProviderChain credentials) {

    AWSSecurityTokenServiceClient stsClient = new AWSSecurityTokenServiceClient(credentials);

    String ARN = getAssumedRoleARN();
    String SESSION = getAssumedRoleSessionName();

    AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(ARN).withRoleSessionName(SESSION);

    AssumeRoleResult assumeResult = stsClient.assumeRole(assumeRequest);

    BasicSessionCredentials assumedCredentials = new BasicSessionCredentials(
            assumeResult.getCredentials().getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(),
            assumeResult.getCredentials().getSessionToken());

    return assumedCredentials;
}

From source file:gobblin.aws.AWSClusterSecurityManager.java

License:Apache License

private void login() throws IOException {
    // Refresh login configuration details from config
    fetchLoginConfiguration();//from  w  w  w. j  a  v a  2  s.  c o m

    // Primary AWS user login
    this.basicAWSCredentials = new BasicAWSCredentials(this.serviceAccessKey, this.serviceSecretKey);

    // If running on behalf of another AWS user,
    // .. assume role as configured
    if (this.clientAssumeRole) {
        AssumeRoleRequest assumeRoleRequest = new AssumeRoleRequest().withRoleSessionName(this.clientSessionId)
                .withExternalId(this.clientExternalId).withRoleArn(this.clientRoleArn);

        final AWSSecurityTokenServiceClient stsClient = new AWSSecurityTokenServiceClient(
                this.basicAWSCredentials);

        final AssumeRoleResult assumeRoleResult = stsClient.assumeRole(assumeRoleRequest);

        this.basicSessionCredentials = new BasicSessionCredentials(
                assumeRoleResult.getCredentials().getAccessKeyId(),
                assumeRoleResult.getCredentials().getSecretAccessKey(),
                assumeRoleResult.getCredentials().getSessionToken());
    }

    this.lastRefreshTimeInMillis = System.currentTimeMillis();
}

From source file:iit.edu.supadyay.s3.S3upload.java

/**
 *
 * @return/*w  w  w .j a va2s  . c  o m*/
 */
public static AWSCredentials getCredentials() {
    AWSSecurityTokenServiceClient stsClient = new AWSSecurityTokenServiceClient(
            new ProfileCredentialsProvider());

    //
    // Manually start a session.
    GetSessionTokenRequest getSessionTokenRequest = new GetSessionTokenRequest();
    // Following duration can be set only if temporary credentials are requested by an IAM user.
    getSessionTokenRequest.setDurationSeconds(7200);

    GetSessionTokenResult sessionTokenResult = stsClient.getSessionToken(getSessionTokenRequest);
    Credentials sessionCredentials = sessionTokenResult.getCredentials();

    // Package the temporary security credentials as 
    // a BasicSessionCredentials object, for an Amazon S3 client object to use.
    BasicSessionCredentials basicSessionCredentials = new BasicSessionCredentials(
            sessionCredentials.getAccessKeyId(), sessionCredentials.getSecretAccessKey(),
            sessionCredentials.getSessionToken());

    return basicSessionCredentials;

}

From source file:io.fineo.client.auth.CognitoCachingCredentialsProvider.java

License:Open Source License

/**
 * Load the credentials from prefs/*www.jav  a 2  s.c o  m*/
 */
void loadCachedCredentials() {
    LOG.debug(TAG, "Loading credentials from SharedPreferences");
    sessionCredentialsExpiration = new Date(Long.parseLong(cache.getOrDefault(namespace(EXP_KEY), "0")));
    // make sure we have valid data in prefs
    boolean hasAK = cache.containsKey(namespace(AK_KEY));
    boolean hasSK = cache.containsKey(namespace(SK_KEY));
    boolean hasST = cache.containsKey(namespace(ST_KEY));
    if (!hasAK || !hasSK || !hasST) {
        LOG.debug(TAG, "No valid credentials found in SharedPreferences");
        sessionCredentialsExpiration = null;
        return;
    }
    String AK = cache.getOrDefault(namespace(AK_KEY), null);
    String SK = cache.getOrDefault(namespace(SK_KEY), null);
    String ST = cache.getOrDefault(namespace(ST_KEY), null);

    sessionCredentials = new BasicSessionCredentials(AK, SK, ST);
}