コード例 #1
0
        /// <summary>
        /// <para>
        /// Constructs an instance of StoredProfileFederatedCredentials. After construction call one of the Authenticate
        /// methods to authenticate the user/process and obtain temporary AWS credentials.
        /// </para>
        /// <para>
        /// For users who are domain joined (the role profile does not contain user identity information) the temporary
        /// credentials will be refreshed automatically as needed. Non domain-joined users (those with user identity
        /// data in the profile) are required to re-authenticate when credential refresh is required. An exception is
        /// thrown when attempt is made to refresh credentials in this scenario. The consuming code of this class
        /// should catch the exception and prompt the user for credentials, then call Authenticate to re-initialize
        /// with a new set of temporary AWS credentials.
        /// </para>
        /// </summary>
        /// <param name="profileName">
        /// The name of the profile holding the necessary role data to enable authentication and credential generation.
        /// </param>
        /// <param name="profilesLocation">Reserved for future use.</param>
        /// <param name="proxySettings">
        /// Null or proxy settings to be used during the HHTPS authentication calls when generating credentials.
        /// /// </param>
        /// <remarks>The ini-format credentials file is not currently supported for SAML role profiles.</remarks>
        public StoredProfileFederatedCredentials(string profileName, string profilesLocation, WebProxy proxySettings)
        {
            this._proxySettings    = proxySettings;
            this.PreemptExpiryTime = _preemptExpiryTime;

            var lookupName = string.IsNullOrEmpty(profileName)
                ? StoredProfileCredentials.DEFAULT_PROFILE_NAME
                : profileName;

            ProfileName      = lookupName;
            ProfilesLocation = null;

            // If not overriding the credentials lookup location check the SDK Store for credentials. If
            // an override location is specified, assume we should only use the shared credential file.
            if (string.IsNullOrEmpty(profilesLocation))
            {
                if (ProfileManager.IsProfileKnown(lookupName) && SAMLRoleProfile.CanCreateFrom(lookupName))
                {
                    var profileData = ProfileManager.GetProfile <SAMLRoleProfile>(lookupName);
                    ProfileData = profileData;
                    var logger = Logger.GetLogger(typeof(StoredProfileFederatedCredentials));
                    logger.InfoFormat("SAML role profile found using account name {0} and looking in SDK account store.", lookupName);
                }
            }

            // we currently do not support the shared ini-format credential file for SAML role profile data
            // so end the search now if not found
            if (ProfileData == null)
            {
                var msg = string.Format(CultureInfo.InvariantCulture,
                                        "Profile '{0}' was not found or could not be loaded from the SDK credential store. Verify that the profile name and data are correct.",
                                        profileName);
                throw new ArgumentException(msg);
            }
        }
コード例 #2
0
        /// <summary>
        /// Tests if an instance can be created from the persisted profile data.
        /// </summary>
        /// <param name="profileName">The name of the profile to test.</param>
        /// <param name="profilesLocation">The location of the shared ini-format credential file.</param>
        /// <returns>True if the persisted data would yield a valid credentials instance.</returns>
        /// <remarks>
        /// This profile type is currently only supported in the SDK credential store file.
        /// The shared ini-format file is not currently supported; any value supplied
        /// for the profilesLocation value is ignored.
        /// </remarks>
        public static bool CanCreateFrom(string profileName, string profilesLocation)
        {
            if (string.IsNullOrEmpty(profilesLocation) && ProfileManager.IsProfileKnown(profileName))
            {
                return(SAMLRoleProfile.CanCreateFrom(profileName));
            }

            return(false);
        }