private static AWSCredentials GetAWSCredentials(string profileName, ICredentialProfileSource profileSource,
                                                        CredentialProfileOptions options, RegionEndpoint stsRegion, bool nonCallbackOnly)
        {
            var profileType = CredentialProfileTypeDetector.DetectProfileType(options);

            if (nonCallbackOnly && profileType.HasValue && IsCallbackRequired(profileType.Value))
            {
                if (profileType == CredentialProfileType.AssumeRoleExternalMFA ||
                    profileType == CredentialProfileType.AssumeRoleMFA)
                {
                    var mfaMessage = profileName == null
                        ? "The credential options represent AssumeRoleAWSCredentials that require an MFA.  This is not allowed here.  " +
                                     "Please use credential options for AssumeRoleAWSCredentials that don't require an MFA, or a different type of credentials."
                        : String.Format(CultureInfo.InvariantCulture,
                                        "The profile [{0}] is an assume role profile that requires an MFA.  This type of profile is not allowed here.  " +
                                        "Please use an assume role profile that doesn't require an MFA, or a different type of profile.", profileName);
                    throw new InvalidOperationException(mfaMessage);
                }
#if BCL
                else if (profileType == CredentialProfileType.SAMLRoleUserIdentity)
                {
                    var samlMessage = profileName == null
                        ? "The credential options represent FederatedAWSCredentials that specify a user identity.  This is not allowed here.  " +
                                      "Please use credential options for FederatedAWSCredentials without an explicit user identity, or a different type of credentials."
                        : String.Format(CultureInfo.InvariantCulture,
                                        "The profile [{0}] is a SAML role profile that specifies a user identity.  This type of profile is not allowed here.  " +
                                        "Please use a SAML role profile without an explicit user identity, or a different type of profile.", profileName);
                    throw new InvalidOperationException(samlMessage);
                }
#endif
            }
            return(GetAWSCredentialsInternal(profileName, profileType, options, stsRegion, profileSource, true));
        }
        /// <summary>
        /// Return the credentials for the profile if valid credentials can created.
        /// </summary>
        /// <param name="options">The options to get AWSCredentials for.</param>
        /// <param name="profileSource">The profile source, for profiles that reference other profiles.</param>
        /// <param name="credentials">The credentials for the profile.</param>
        /// <returns>True if credentials can be created from the profile, false otherwise.</returns>
        public static bool TryGetAWSCredentials(CredentialProfileOptions options, ICredentialProfileSource profileSource, out AWSCredentials credentials)
        {
            var profileType = CredentialProfileTypeDetector.DetectProfileType(options);

            credentials = GetAWSCredentialsInternal(null, profileType, options, null, profileSource, false);
            return(credentials != null);
        }
 public static CredentialProfileOptions GetRandomOptions(CredentialProfileType profileType)
 {
     CredentialProfileOptions options = new CredentialProfileOptions();
     foreach (var propertyName in CredentialProfileTypeDetector.GetPropertiesForProfileType(profileType))
     {
         typeof(CredentialProfileOptions).GetProperty(propertyName).SetValue(options, Guid.NewGuid().ToString());
     }
     return options;
 }
Exemple #4
0
        public void TestReadCompatibilityBasic()
        {
            using (var tester = new NetSDKCredentialsFileTestFixture())
            {
                // write with old ProfileManager
                ProfileManager.RegisterProfile("BasicProfile", "AccessKey", "SecretKey");

                // read with new NetSDKCredentialsFile
                CredentialProfile profile;
                Assert.IsTrue(tester.ProfileStore.TryGetProfile("BasicProfile", out profile));
                Assert.IsNotNull(profile);
                Assert.AreEqual("BasicProfile", profile.Name);
                Assert.AreEqual("AccessKey", profile.Options.AccessKey);
                Assert.AreEqual("SecretKey", profile.Options.SecretKey);
                Assert.AreEqual(CredentialProfileType.Basic, CredentialProfileTypeDetector.DetectProfileType(profile.Options).Value);
            }
        }
Exemple #5
0
        public void TestReadCompatibilitySAML()
        {
            using (var tester = new NetSDKCredentialsFileTestFixture())
            {
                // write with old ProfileManager
                ProfileManager.RegisterSAMLEndpoint("EndpointName", new Uri("https://somesamlendpoint/"), null);
                ProfileManager.RegisterSAMLRoleProfile("SAMLProfile", "EndpointName", "RoleArn", "UserIdentity");

                // read with new NetSDKCredentialsFile
                CredentialProfile profile;
                Assert.IsTrue(tester.ProfileStore.TryGetProfile("SAMLProfile", out profile));
                Assert.IsNotNull(profile);
                Assert.AreEqual("SAMLProfile", profile.Name);
                Assert.AreEqual("EndpointName", profile.Options.EndpointName);
                Assert.AreEqual("RoleArn", profile.Options.RoleArn);
                Assert.AreEqual("UserIdentity", profile.Options.UserIdentity);
                Assert.AreEqual(CredentialProfileType.SAMLRoleUserIdentity, CredentialProfileTypeDetector.DetectProfileType(profile.Options).Value);
            }
        }
 public void DetectProfileTypeSsoWithOtherProperties()
 {
     Assert.AreEqual(CredentialProfileType.SSO,
                     CredentialProfileTypeDetector.DetectProfileType(SsoWithOtherPropertiesProfileOptions));
 }
 public void DetectProfileTypeSsoIncomplete()
 {
     Assert.AreEqual(CredentialProfileType.SSO,
                     CredentialProfileTypeDetector.DetectProfileType(SsoIncompleteProfileOptions));
 }
 public void DetectProfileTypeBasic()
 {
     Assert.AreEqual(CredentialProfileType.Basic,
                     CredentialProfileTypeDetector.DetectProfileType(BasicProfileOptions));
 }