com.jaspersoft.jasperserver.api.engine.jasperreports.util.AwsCredentialUtil.java Source code


Introduction

Here is the source code for com.jaspersoft.jasperserver.api.engine.jasperreports.util.AwsCredentialUtil.java

Source

/*
 * Copyright (C) 2005 - 2014 TIBCO Software Inc. All rights reserved.
 * http://www.jaspersoft.com.
 *
 * Unless you have purchased  a commercial license agreement from Jaspersoft,
 * the following license terms  apply:
 *
 * This program is free software: you can redistribute it and/or  modify
 * it under the terms of the GNU Affero General Public License  as
 * published by the Free Software Foundation, either version 3 of  the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero  General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public  License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */
package com.jaspersoft.jasperserver.api.engine.jasperreports.util;

import com.amazonaws.auth.*;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient;
import com.amazonaws.services.securitytoken.model.AssumeRoleRequest;
import com.amazonaws.services.securitytoken.model.AssumeRoleResult;
import com.jaspersoft.jasperserver.api.JSShowOnlyErrorMessage;
import com.jaspersoft.jasperserver.api.common.util.spring.StaticApplicationContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.context.MessageSource;
import org.springframework.context.i18n.LocaleContextHolder;

import static org.apache.commons.lang.StringUtils.isNotEmpty;

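/**
 * Resolves the {@link AWSCredentials} used for AWS access, either from explicitly supplied
 * long-term keys (optionally exchanged for temporary role credentials through STS) or from the
 * AWS SDK default provider chain of the running process.
 *
 * @author vsabadosh
 */
public class AwsCredentialUtil {
    private static final Log logger = LogFactory.getLog(AwsCredentialUtil.class);

    /**
     * Builds the credentials to use for an AWS call.
     *
     * <ul>
     *   <li>Both keys non-empty, no role: the trimmed keys are returned as long-term credentials.</li>
     *   <li>Both keys non-empty and a role ARN: the keys are used to call STS AssumeRole and the
     *       temporary session credentials of that role are returned.</li>
     *   <li>Either key empty: the keys <em>and</em> {@code roleARN} are ignored and the credentials of
     *       the server process itself are returned (see {@link #loadDefaultCredentials()}).</li>
     * </ul>
     *
     * NOTE(review): the last case hands out the server's own identity for a request that supplied
     * no usable keys. Callers should make sure that is intended for the data source in question and
     * that the instance/process role is scoped to least privilege.
     *
     * @param awsAccessKey access key id; surrounding whitespace is trimmed, may be null or empty
     * @param awsSecretKey secret access key; surrounding whitespace is trimmed, may be null or empty
     * @param roleARN      ARN of the IAM role to assume, or null/empty to use the keys directly
     * @return the resolved credentials
     * @throws JSShowOnlyErrorMessage if the AssumeRole call fails or no default credentials can be loaded
     */
    public static AWSCredentials getAWSCredentials(String awsAccessKey, String awsSecretKey, String roleARN) {
        if (isNotEmpty(awsAccessKey) && isNotEmpty(awsSecretKey)) {
            AWSCredentials longTermCredentials = new BasicAWSCredentials(awsAccessKey.trim(), awsSecretKey.trim());
            if (isNotEmpty(roleARN)) {
                return assumeRole(longTermCredentials, roleARN.trim());
            }
            return longTermCredentials;
        }
        return loadDefaultCredentials();
    }

    /**
     * Exchanges long-term credentials for temporary credentials of the given IAM role by calling
     * the AWS Security Token Service (STS) AssumeRole API.
     */
    private static AWSCredentials assumeRole(AWSCredentials longTermCredentials, String roleArn) {
        AWSSecurityTokenServiceClient stsClient = new AWSSecurityTokenServiceClient(longTermCredentials);

        // NOTE(review): the session name is a fixed string, so every assumed-role session created
        // here carries the same name in AWS-side audit records. A per-user or per-request name would
        // make sessions attributable; that needs caller context this method does not receive.
        AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(roleArn)
                .withRoleSessionName("JRSRequest");

        AssumeRoleResult assumeResult;
        try {
            assumeResult = stsClient.assumeRole(assumeRequest);
        } catch (Exception ex) {
            // Pass the exception as the throwable argument so the stack trace reaches the log;
            // logging the exception object alone records only its toString().
            logger.error("Exception assuming AWS IAM role through STS", ex);
            // NOTE(review): the raw SDK message is shown to the end user. It can carry identifiers
            // such as the caller or role ARN and the request id; consider a localized generic
            // message here, as the default-credentials path does.
            throw new JSShowOnlyErrorMessage(ex.getMessage());
        } finally {
            // A client is created per call; shut it down so its HTTP resources are released
            // instead of accumulating over the life of the server.
            stsClient.shutdown();
        }

        // AssumeRole returns temporary security credentials for the IAM role.
        return new BasicSessionCredentials(assumeResult.getCredentials().getAccessKeyId(),
                assumeResult.getCredentials().getSecretAccessKey(),
                assumeResult.getCredentials().getSessionToken());
    }

    /**
     * Loads credentials through the AWS SDK default provider chain.
     *
     * The chain is not limited to EC2 instance-profile credentials: depending on the SDK version it
     * also consults sources such as environment variables, Java system properties and the shared
     * credentials profile file, so whichever of those is set for the server process takes effect.
     */
    private static AWSCredentials loadDefaultCredentials() {
        AWSCredentialsProvider defaultChain = new DefaultAWSCredentialsProviderChain();
        try {
            return defaultChain.getCredentials();
        } catch (Exception ex) {
            ApplicationContext ctx = StaticApplicationContext.getApplicationContext();
            MessageSource message = ctx.getBean("messageSource", MessageSource.class);

            // Details go to the server log only; the user sees the localized generic message.
            logger.error("Exception loading default JRS instance credentials", ex);
            throw new JSShowOnlyErrorMessage(
                    message.getMessage("aws.exception.datasource.load.default.credentials", null,
                            LocaleContextHolder.getLocale()));
        }
    }

}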