org.elasticsearch.discovery.ec2.Ec2ClientSettings.java Source code

Java tutorial

Introduction

Here is the source code for org.elasticsearch.discovery.ec2.Ec2ClientSettings.java

Source

/*
 * Licensed to Elasticsearch under one or more contributor
 * license agreements. See the NOTICE file distributed with
 * this work for additional information regarding copyright
 * ownership. Elasticsearch licenses this file to you under
 * the Apache License, Version 2.0 (the "License"); you may
 * not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.elasticsearch.discovery.ec2;

import com.amazonaws.ClientConfiguration;
import com.amazonaws.Protocol;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.auth.BasicSessionCredentials;
import org.apache.logging.log4j.Logger;
import org.elasticsearch.common.logging.DeprecationLogger;
import org.elasticsearch.common.logging.Loggers;
import org.elasticsearch.common.settings.SecureSetting;
import org.elasticsearch.common.settings.SecureString;
import org.elasticsearch.common.settings.Setting;
import org.elasticsearch.common.settings.Setting.Property;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.settings.SettingsException;
import org.elasticsearch.common.unit.TimeValue;

import java.util.Locale;

/**
 * A container for settings used to create an EC2 client.
 */
final class Ec2ClientSettings {

    /** The access key (ie login id) for connecting to ec2. */
    static final Setting<SecureString> ACCESS_KEY_SETTING = SecureSetting.secureString("discovery.ec2.access_key",
            null);

    /** The secret key (ie password) for connecting to ec2. */
    static final Setting<SecureString> SECRET_KEY_SETTING = SecureSetting.secureString("discovery.ec2.secret_key",
            null);

    /** The session token for connecting to ec2. */
    static final Setting<SecureString> SESSION_TOKEN_SETTING = SecureSetting
            .secureString("discovery.ec2.session_token", null);

    /** The host name of a proxy to connect to ec2 through. */
    static final Setting<String> PROXY_HOST_SETTING = Setting.simpleString("discovery.ec2.proxy.host",
            Property.NodeScope);

    /** The port of a proxy to connect to ec2 through. */
    static final Setting<Integer> PROXY_PORT_SETTING = Setting.intSetting("discovery.ec2.proxy.port", 80, 0,
            1 << 16, Property.NodeScope);

    /** An override for the ec2 endpoint to connect to. */
    static final Setting<String> ENDPOINT_SETTING = new Setting<>("discovery.ec2.endpoint", "",
            s -> s.toLowerCase(Locale.ROOT), Property.NodeScope);

    /** The protocol to use to connect to to ec2. */
    static final Setting<Protocol> PROTOCOL_SETTING = new Setting<>("discovery.ec2.protocol", "https",
            s -> Protocol.valueOf(s.toUpperCase(Locale.ROOT)), Property.NodeScope);

    /** The username of a proxy to connect to s3 through. */
    static final Setting<SecureString> PROXY_USERNAME_SETTING = SecureSetting
            .secureString("discovery.ec2.proxy.username", null);

    /** The password of a proxy to connect to s3 through. */
    static final Setting<SecureString> PROXY_PASSWORD_SETTING = SecureSetting
            .secureString("discovery.ec2.proxy.password", null);

    /** The socket timeout for connecting to s3. */
    static final Setting<TimeValue> READ_TIMEOUT_SETTING = Setting.timeSetting("discovery.ec2.read_timeout",
            TimeValue.timeValueMillis(ClientConfiguration.DEFAULT_SOCKET_TIMEOUT), Property.NodeScope);

    private static final Logger logger = Loggers.getLogger(Ec2ClientSettings.class);

    private static final DeprecationLogger DEPRECATION_LOGGER = new DeprecationLogger(logger);

    /** Credentials to authenticate with ec2. */
    final AWSCredentials credentials;

    /**
     * The ec2 endpoint the client should talk to, or empty string to use the
     * default.
     */
    final String endpoint;

    /** The protocol to use to talk to ec2. Defaults to https. */
    final Protocol protocol;

    /** An optional proxy host that requests to ec2 should be made through. */
    final String proxyHost;

    /** The port number the proxy host should be connected on. */
    final int proxyPort;

    // these should be "secure" yet the api for the ec2 client only takes String, so
    // storing them
    // as SecureString here won't really help with anything
    /** An optional username for the proxy host, for basic authentication. */
    final String proxyUsername;

    /** An optional password for the proxy host, for basic authentication. */
    final String proxyPassword;

    /** The read timeout for the ec2 client. */
    final int readTimeoutMillis;

    protected Ec2ClientSettings(AWSCredentials credentials, String endpoint, Protocol protocol, String proxyHost,
            int proxyPort, String proxyUsername, String proxyPassword, int readTimeoutMillis) {
        this.credentials = credentials;
        this.endpoint = endpoint;
        this.protocol = protocol;
        this.proxyHost = proxyHost;
        this.proxyPort = proxyPort;
        this.proxyUsername = proxyUsername;
        this.proxyPassword = proxyPassword;
        this.readTimeoutMillis = readTimeoutMillis;
    }

    static AWSCredentials loadCredentials(Settings settings) {
        try (SecureString key = ACCESS_KEY_SETTING.get(settings);
                SecureString secret = SECRET_KEY_SETTING.get(settings);
                SecureString sessionToken = SESSION_TOKEN_SETTING.get(settings)) {
            if (key.length() == 0 && secret.length() == 0) {
                if (sessionToken.length() > 0) {
                    throw new SettingsException("Setting [{}] is set but [{}] and [{}] are not",
                            SESSION_TOKEN_SETTING.getKey(), ACCESS_KEY_SETTING.getKey(),
                            SECRET_KEY_SETTING.getKey());
                }

                logger.debug(
                        "Using either environment variables, system properties or instance profile credentials");
                return null;
            } else {
                if (key.length() == 0) {
                    DEPRECATION_LOGGER.deprecated(
                            "Setting [{}] is set but [{}] is not, which will be unsupported in future",
                            SECRET_KEY_SETTING.getKey(), ACCESS_KEY_SETTING.getKey());
                }
                if (secret.length() == 0) {
                    DEPRECATION_LOGGER.deprecated(
                            "Setting [{}] is set but [{}] is not, which will be unsupported in future",
                            ACCESS_KEY_SETTING.getKey(), SECRET_KEY_SETTING.getKey());
                }

                final AWSCredentials credentials;
                if (sessionToken.length() == 0) {
                    logger.debug("Using basic key/secret credentials");
                    credentials = new BasicAWSCredentials(key.toString(), secret.toString());
                } else {
                    logger.debug("Using basic session credentials");
                    credentials = new BasicSessionCredentials(key.toString(), secret.toString(),
                            sessionToken.toString());
                }
                return credentials;
            }
        }
    }

    // pkg private for tests
    /** Parse settings for a single client. */
    static Ec2ClientSettings getClientSettings(Settings settings) {
        final AWSCredentials credentials = loadCredentials(settings);
        try (SecureString proxyUsername = PROXY_USERNAME_SETTING.get(settings);
                SecureString proxyPassword = PROXY_PASSWORD_SETTING.get(settings)) {
            return new Ec2ClientSettings(credentials, ENDPOINT_SETTING.get(settings),
                    PROTOCOL_SETTING.get(settings), PROXY_HOST_SETTING.get(settings),
                    PROXY_PORT_SETTING.get(settings), proxyUsername.toString(), proxyPassword.toString(),
                    (int) READ_TIMEOUT_SETTING.get(settings).millis());
        }
    }

}