/// <summary>
/// Persists a SAML role session by handing the credentials' JSON form to the settings manager.
/// </summary>
/// <param name="roleSessionName">The name the session is registered under.</param>
/// <param name="credentials">The credentials to serialize and store.</param>
/// <remarks>
/// NOTE(review): the JSON from ToJson() presumably carries the secret key and session token,
/// so protection at rest depends entirely on the store behind settingsManager. Confirm that
/// store is encrypted and access-restricted.
/// </remarks>
public void RegisterRoleSession(string roleSessionName, SAMLImmutableCredentials credentials)
{
    // A single-entry property bag: the whole session is stored as one JSON value.
    var sessionProperties = new Dictionary<string, string>();
    sessionProperties.Add(SettingsConstants.RoleSession, credentials.ToJson());

    settingsManager.RegisterObject(roleSessionName, sessionProperties);
}
/// <summary>
/// Registers a role session ahead of time, then asserts that
/// FederatedAWSCredentials.GetCredentials() yields credentials equal to the registered ones.
/// </summary>
public void GetCredentialsSessionCached()
{
    // Session key layout is "<endpoint name>,<role ARN>,". The trailing comma is part of the key.
    var cachedSessionKey = string.Concat(SomeSAMLEndpoint.Name, ",", RoleArn, ",");

    // Expiry is one day ahead of the current UTC time.
    var registeredCredentials = new SAMLImmutableCredentials(
        AccessKeyID,
        SecretAccessKey,
        Token,
        DateTime.UtcNow.AddDays(1),
        Subject);
    sessionManager.RegisterRoleSession(cachedSessionKey, registeredCredentials);

    var federatedCredentials = new FederatedAWSCredentials(SomeSAMLEndpoint, RoleArn);
    var resolvedCredentials = federatedCredentials.GetCredentials();

    AssertSAMLImmutableCredentials(registeredCredentials, resolvedCredentials);
}
/// <summary>
/// Asserts that <paramref name="actual"/> is a SAMLImmutableCredentials instance and that
/// its fields match <paramref name="expected"/>.
/// </summary>
/// <param name="expected">The credentials the test expects.</param>
/// <param name="actual">The credentials under test; must be a SAMLImmutableCredentials.</param>
private static void AssertSAMLImmutableCredentials(SAMLImmutableCredentials expected, ImmutableCredentials actual)
{
    // A failed cast yields null, which the first assertion rejects.
    var samlActual = actual as SAMLImmutableCredentials;
    Assert.IsNotNull(samlActual);

    Assert.AreEqual(expected.AccessKey, samlActual.AccessKey);

    // Expiry is compared with the dedicated second-precision helper, not exact equality.
    AssertExtensions.AssertDateTimesAreEqualToTheSecond(expected.Expires, samlActual.Expires);

    Assert.AreEqual(expected.SecretKey, samlActual.SecretKey);
    Assert.AreEqual(expected.Token, samlActual.Token);
    Assert.AreEqual(expected.Subject, samlActual.Subject);
}
/// <summary>
/// Builds the per-test state: the encrypted store fixture, the session manager, the
/// reference timestamps, and one unexpired plus one expired set of SAML credentials.
/// </summary>
public void InitializeTest()
{
    fixture = new EncryptedStoreTestFixture(RoleSessionsFilename);
    manager = new SAMLRoleSessionManager();

    // The expiration is only stored to the second in our JSON, so the sub-second
    // ticks are dropped here to keep later comparisons exact.
    DateTime utcNow = DateTime.UtcNow;
    long wholeSecondTicks = utcNow.Ticks - (utcNow.Ticks % TimeSpan.TicksPerSecond);
    nowToTheSecond = new DateTime(wholeSecondTicks, DateTimeKind.Utc);

    yesterday = nowToTheSecond.AddDays(-1);
    tomorrow = nowToTheSecond.AddDays(1);

    // Placeholder strings only, not real credential material. The two objects differ
    // only in their expiry: one a day ahead, one a day in the past.
    samlCredentials = new SAMLImmutableCredentials("AccessKey", "SecretKey", "Token", tomorrow, "Subject");
    expiredSamlCredentials = new SAMLImmutableCredentials("AccessKey", "SecretKey", "Token", yesterday, "Subject");
}
/// <summary>
/// Looks up a stored role session by name and deserializes its credentials.
/// A session that fails to load is logged and reported as not found.
/// </summary>
/// <param name="roleSessionName">The name of the role session to get.</param>
/// <param name="credentials">The credentials for the session, if found; otherwise null.</param>
/// <returns>True if the session was found and loaded, false otherwise.</returns>
/// <remarks>
/// NOTE(review): no expiry check is visible in this method. Presumably FromJson rejects
/// expired sessions; confirm, since callers rely on expired credentials not being returned.
/// </remarks>
public bool TryGetRoleSession(string roleSessionName, out SAMLImmutableCredentials credentials)
{
    credentials = null;

    Dictionary<string, string> storedProperties;
    bool sessionStored = settingsManager.TryGetObject(roleSessionName, out storedProperties);

    if (sessionStored)
    {
        try
        {
            string sessionJson = storedProperties[SettingsConstants.RoleSession];
            credentials = SAMLImmutableCredentials.FromJson(sessionJson);
        }
        catch (Exception loadError)
        {
            // Best-effort by design: a missing key or unparsable entry leaves credentials
            // null instead of propagating. Only the session name is formatted into the message.
            // NOTE(review): confirm exceptions from FromJson never embed the raw JSON, which
            // would put credential material into the log.
            Logger.GetLogger(typeof(SAMLRoleSessionManager)).Error(loadError, "Unable to load SAML role session '{0}'.", roleSessionName);
        }
    }

    return credentials != null;
}
SAMLImmutableCredentials ICoreAmazonSTS_SAML.CredentialsFromSAMLAuthentication( #else SAMLImmutableCredentials ICoreAmazonSTS.CredentialsFromSAMLAuthentication(