List of usage examples for com.amazonaws.auth BasicSessionCredentials BasicSessionCredentials
public BasicSessionCredentials(String awsAccessKey, String awsSecretKey, String sessionToken)
From source file:com.rmn.qa.aws.AwsVmManager.java
License:Open Source License
/** * Retrieves AWS {@link com.amazonaws.auth.BasicAWSCredentials credentials} from the configuration file. * * @return/*from ww w . j a va 2s. c om*/ */ @VisibleForTesting AWSCredentials getCredentials() { Properties awsProperties = getAwsProperties(); // Give the system property credentials precedence over ones found in the config file String accessKey = System.getProperty(AutomationConstants.AWS_ACCESS_KEY); if (accessKey == null) { accessKey = awsProperties.getProperty(AutomationConstants.AWS_ACCESS_KEY); if (accessKey == null) { throw new IllegalArgumentException(String.format( "AWS Access Key must be passed in by the [%s] system property or be present in the AWS config file", AutomationConstants.AWS_ACCESS_KEY)); } } String privateKey = System.getProperty(AutomationConstants.AWS_PRIVATE_KEY); if (privateKey == null) { privateKey = awsProperties.getProperty(AutomationConstants.AWS_PRIVATE_KEY); if (privateKey == null) { throw new IllegalArgumentException(String.format( "AWS Private Key must be passed in by the [%s] system property or be present in the AWS config file", AutomationConstants.AWS_PRIVATE_KEY)); } } // Token is not required, so do not throw an exception if it is not present String token = System.getProperty(AutomationConstants.AWS_TOKEN); if (token == null) { token = awsProperties.getProperty(AutomationConstants.AWS_TOKEN); } return new BasicSessionCredentials(accessKey, privateKey, token); }
From source file:com.upplication.s3fs.S3FileSystemProvider.java
License:Open Source License
protected S3FileSystem createFileSystem0(URI uri, Object accessKey, Object secretKey, Object sessionToken) { AmazonS3Client client;//from w ww . j ava2 s. c o m ClientConfiguration config = createClientConfig(props); if (accessKey == null && secretKey == null) { client = new AmazonS3Client(new com.amazonaws.services.s3.AmazonS3Client(config)); } else { AWSCredentials credentials = (sessionToken == null ? new BasicAWSCredentials(accessKey.toString(), secretKey.toString()) : new BasicSessionCredentials(accessKey.toString(), secretKey.toString(), sessionToken.toString())); client = new AmazonS3Client(new com.amazonaws.services.s3.AmazonS3Client(credentials, config)); } // note: path style access is going to be deprecated // https://aws.amazon.com/blogs/aws/amazon-s3-path-deprecation-plan-the-rest-of-the-story/ boolean usePathStyle = "true".equals(props.getProperty("s_3_path_style_access")) || "true".equals(props.getProperty("s3_path_style_access")); if (usePathStyle) { S3ClientOptions options = S3ClientOptions.builder().setPathStyleAccess(usePathStyle).build(); client.client.setS3ClientOptions(options); } if (uri.getHost() != null) { client.setEndpoint(uri.getHost()); } else if (props.getProperty("endpoint") != null) { client.setEndpoint(props.getProperty("endpoint")); } else if (props.getProperty("region") != null) { client.setRegion(props.getProperty("region")); } S3FileSystem result = new S3FileSystem(this, client, uri.getHost()); return result; }
From source file:com.yahoo.athenz.instance.provider.impl.InstanceAWSProvider.java
License:Apache License
AWSSecurityTokenServiceClient getInstanceClient(AWSAttestationData info) { String access = info.getAccess(); if (access == null || access.isEmpty()) { LOGGER.error("getInstanceClient: No access key id available in instance document"); return null; }// w w w.j a va2 s . c o m String secret = info.getSecret(); if (secret == null || secret.isEmpty()) { LOGGER.error("getInstanceClient: No secret access key available in instance document"); return null; } String token = info.getToken(); if (token == null || token.isEmpty()) { LOGGER.error("getInstanceClient: No token available in instance document"); return null; } BasicSessionCredentials creds = new BasicSessionCredentials(access, secret, token); return new AWSSecurityTokenServiceClient(creds); }
From source file:com.yahoo.athenz.zts.AWSCredentialsProviderImpl.java
License:Apache License
@Override public void refresh() { try {/*from w w w.j av a 2 s .c o m*/ AWSTemporaryCredentials creds = ztsClient.getAWSTemporaryCredentials(domainName, roleName); if (LOG.isDebugEnabled()) { LOG.debug("Refresh: Credentials with id: {} and expiration {} were fetched", creds.getAccessKeyId(), creds.getExpiration()); } this.credentials = new BasicSessionCredentials(creds.getAccessKeyId(), creds.getSecretAccessKey(), creds.getSessionToken()); } catch (ZTSClientException ex) { credentials = null; LOG.error("Refresh: Failed to get the AWS temporary credentials from ZTS: {}", ex.getMessage()); } catch (Exception ex) { credentials = null; LOG.error("Refresh: Failed to refresh credentials: {}", ex.getMessage()); } }
From source file:com.yahoo.athenz.zts.store.CloudStore.java
License:Apache License
boolean fetchRoleCredentials() { // verify that we have a valid awsRole already retrieved if (awsRole == null || awsRole.isEmpty()) { LOGGER.error("CloudStore: awsRole is not avaialble to fetch role credentials"); return false; }/*from w w w .jav a2 s.c o m*/ String creds = getMetaData("/meta-data/iam/security-credentials/" + awsRole); if (creds == null) { return false; } Struct credsStruct = null; try { credsStruct = JSON.fromString(creds, Struct.class); } catch (Exception ex) { LOGGER.error("CloudStore: unable to parse role credentials data: " + ex.getMessage()); } if (credsStruct == null) { LOGGER.error("CloudStore: unable to parse role credentials data: " + creds); return false; } String accessKeyId = credsStruct.getString("AccessKeyId"); String secretAccessKey = credsStruct.getString("SecretAccessKey"); String token = credsStruct.getString("Token"); if (LOGGER.isDebugEnabled()) { LOGGER.debug("CloudStore: access key id: " + accessKeyId); LOGGER.debug("CloudStore: secret access key: " + secretAccessKey); } try { credentials = new BasicSessionCredentials(accessKeyId, secretAccessKey, token); } catch (Exception ex) { LOGGER.error("CloudStore: unable to generate session credentials from: " + creds + ", error: " + ex.getMessage()); return false; } return true; }
From source file:de.taimos.pipeline.aws.AWSClientFactory.java
License:Apache License
private static AWSCredentialsProvider handleStaticCredentials(EnvVars vars) { String accessKey = vars.get(AWS_ACCESS_KEY_ID); String secretAccessKey = vars.get(AWS_SECRET_ACCESS_KEY); if (accessKey != null && secretAccessKey != null) { String sessionToken = vars.get(AWS_SESSION_TOKEN); if (sessionToken != null) { return new AWSStaticCredentialsProvider( new BasicSessionCredentials(accessKey, secretAccessKey, sessionToken)); }//from w w w. j a va2 s .c o m return new AWSStaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretAccessKey)); } return null; }
From source file:fi.yle.tools.aws.maven.SimpleStorageServiceWagon.java
License:Apache License
protected BasicSessionCredentials getAssumedCredentialsIfRequested( AuthenticationInfoAWSCredentialsProviderChain credentials) { AWSSecurityTokenServiceClient stsClient = new AWSSecurityTokenServiceClient(credentials); String ARN = getAssumedRoleARN(); String SESSION = getAssumedRoleSessionName(); AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(ARN).withRoleSessionName(SESSION); AssumeRoleResult assumeResult = stsClient.assumeRole(assumeRequest); BasicSessionCredentials assumedCredentials = new BasicSessionCredentials( assumeResult.getCredentials().getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(), assumeResult.getCredentials().getSessionToken()); return assumedCredentials; }
From source file:gobblin.aws.AWSClusterSecurityManager.java
License:Apache License
private void login() throws IOException { // Refresh login configuration details from config fetchLoginConfiguration();//from w w w. j a v a 2 s. c o m // Primary AWS user login this.basicAWSCredentials = new BasicAWSCredentials(this.serviceAccessKey, this.serviceSecretKey); // If running on behalf of another AWS user, // .. assume role as configured if (this.clientAssumeRole) { AssumeRoleRequest assumeRoleRequest = new AssumeRoleRequest().withRoleSessionName(this.clientSessionId) .withExternalId(this.clientExternalId).withRoleArn(this.clientRoleArn); final AWSSecurityTokenServiceClient stsClient = new AWSSecurityTokenServiceClient( this.basicAWSCredentials); final AssumeRoleResult assumeRoleResult = stsClient.assumeRole(assumeRoleRequest); this.basicSessionCredentials = new BasicSessionCredentials( assumeRoleResult.getCredentials().getAccessKeyId(), assumeRoleResult.getCredentials().getSecretAccessKey(), assumeRoleResult.getCredentials().getSessionToken()); } this.lastRefreshTimeInMillis = System.currentTimeMillis(); }
From source file:iit.edu.supadyay.s3.S3upload.java
/** * * @return/*w w w .j a va2s . c o m*/ */ public static AWSCredentials getCredentials() { AWSSecurityTokenServiceClient stsClient = new AWSSecurityTokenServiceClient( new ProfileCredentialsProvider()); // // Manually start a session. GetSessionTokenRequest getSessionTokenRequest = new GetSessionTokenRequest(); // Following duration can be set only if temporary credentials are requested by an IAM user. getSessionTokenRequest.setDurationSeconds(7200); GetSessionTokenResult sessionTokenResult = stsClient.getSessionToken(getSessionTokenRequest); Credentials sessionCredentials = sessionTokenResult.getCredentials(); // Package the temporary security credentials as // a BasicSessionCredentials object, for an Amazon S3 client object to use. BasicSessionCredentials basicSessionCredentials = new BasicSessionCredentials( sessionCredentials.getAccessKeyId(), sessionCredentials.getSecretAccessKey(), sessionCredentials.getSessionToken()); return basicSessionCredentials; }
From source file:io.fineo.client.auth.CognitoCachingCredentialsProvider.java
License:Open Source License
/** * Load the credentials from prefs/*www.jav a 2 s.c o m*/ */ void loadCachedCredentials() { LOG.debug(TAG, "Loading credentials from SharedPreferences"); sessionCredentialsExpiration = new Date(Long.parseLong(cache.getOrDefault(namespace(EXP_KEY), "0"))); // make sure we have valid data in prefs boolean hasAK = cache.containsKey(namespace(AK_KEY)); boolean hasSK = cache.containsKey(namespace(SK_KEY)); boolean hasST = cache.containsKey(namespace(ST_KEY)); if (!hasAK || !hasSK || !hasST) { LOG.debug(TAG, "No valid credentials found in SharedPreferences"); sessionCredentialsExpiration = null; return; } String AK = cache.getOrDefault(namespace(AK_KEY), null); String SK = cache.getOrDefault(namespace(SK_KEY), null); String ST = cache.getOrDefault(namespace(ST_KEY), null); sessionCredentials = new BasicSessionCredentials(AK, SK, ST); }