/// <summary>
/// Copies the Credentials, FederatedUser and PackedPolicySize elements found in the
/// XML stream into <paramref name="response"/>.
/// </summary>
/// <param name="context">XML unmarshaller context to read from.</param>
/// <param name="response">Response object that receives the parsed values.</param>
private static void UnmarshallResult(XmlUnmarshallerContext context, GetFederationTokenResponse response)
{
    int startDepth = context.get_CurrentDepth();

    // Child elements are matched one level below the starting depth; two more
    // levels are added when the context reports it is at the start of the document.
    int childDepth = startDepth + 1;
    if (context.get_IsStartOfDocument())
    {
        childDepth += 2;
    }

    while (context.ReadAtDepth(startDepth))
    {
        // Only start elements and attributes can carry one of the three fields.
        if (!context.get_IsStartElement() && !context.get_IsAttribute())
        {
            continue;
        }

        if (context.TestExpression("Credentials", childDepth))
        {
            response.Credentials = CredentialsUnmarshaller.Instance.Unmarshall(context);
        }
        else if (context.TestExpression("FederatedUser", childDepth))
        {
            response.FederatedUser = FederatedUserUnmarshaller.Instance.Unmarshall(context);
        }
        else if (context.TestExpression("PackedPolicySize", childDepth))
        {
            response.PackedPolicySize = IntUnmarshaller.get_Instance().Unmarshall(context);
        }
    }
}
/// <summary>
/// Builds a <see cref="GetFederationTokenResponse"/> from the XML response of the service.
/// </summary>
/// <param name="context">XML unmarshaller context wrapping the response.</param>
/// <returns>The populated response object.</returns>
public override AmazonWebServiceResponse Unmarshall(XmlUnmarshallerContext context)
{
    var result = new GetFederationTokenResponse();

    context.Read();
    int rootDepth = context.CurrentDepth;

    while (context.ReadAtDepth(rootDepth))
    {
        if (!context.IsStartElement)
        {
            continue;
        }

        if (context.TestExpression("GetFederationTokenResult", 2))
        {
            // The result element holds the credentials and federated-user data.
            UnmarshallResult(context, result);
        }
        else if (context.TestExpression("ResponseMetadata", 2))
        {
            result.ResponseMetadata = ResponseMetadataUnmarshaller.Instance.Unmarshall(context);
        }
    }

    return result;
}
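/// <summary>
/// Requests temporary federated-user credentials from STS and writes them to standard output.
/// </summary>
/// <param name="User">Federated user name; left unset on the request when null or empty.</param>
/// <param name="Duration">Requested lifetime in seconds; -1 leaves the request's duration unset.</param>
/// <remarks>
/// The secret access key and session token are printed in clear text. Anything that
/// captures this process's output (CI logs, redirected files, terminal scrollback) then
/// holds usable credentials until the printed expiration.
/// </remarks>
private static void GetFederationToken(String User, int Duration = -1)
{
    // Token, AccessKeyId, SecretKey and stsconfig are defined outside this method.
    // A session token is passed to the client only when one is configured.
    AmazonSecurityTokenServiceClient stsClient = String.IsNullOrEmpty(Token)
        ? new AmazonSecurityTokenServiceClient(AccessKeyId, SecretKey, stsconfig)
        : new AmazonSecurityTokenServiceClient(AccessKeyId, SecretKey, Token, stsconfig);

    // Release the client as soon as the single call has completed.
    using (stsClient)
    {
        GetFederationTokenRequest federationTokenRequest = new GetFederationTokenRequest();

        if (!String.IsNullOrEmpty(User))
        {
            federationTokenRequest.Name = User;
        }

        if (Duration != -1)
        {
            federationTokenRequest.DurationSeconds = Duration;
        }

        GetFederationTokenResponse federationTokenResponse = stsClient.GetFederationToken(federationTokenRequest);

        // Output labels are kept exactly as they were (including the "Acess" spelling)
        // because scripts may parse this output.
        Console.WriteLine("Acess key id: {0}", federationTokenResponse.Credentials.AccessKeyId);
        Console.WriteLine("Secret key: {0}", federationTokenResponse.Credentials.SecretAccessKey);
        Console.WriteLine("Session token: {0}", federationTokenResponse.Credentials.SessionToken);
        Console.WriteLine("Expiration: {0}", federationTokenResponse.Credentials.Expiration);
    }
}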
/// <summary>
/// Executes the GetFederationToken service method on AmazonSecurityTokenService.
/// </summary>
/// <param name="getFederationTokenRequest">Parameters for the GetFederationToken call.</param>
/// <returns>The response to the GetFederationToken call, as returned by AmazonSecurityTokenService.</returns>
/// <exception cref="PackedPolicyTooLargeException"/>
/// <exception cref="MalformedPolicyDocumentException"/>
public GetFederationTokenResponse GetFederationToken(GetFederationTokenRequest getFederationTokenRequest)
{
    var marshaller = new GetFederationTokenRequestMarshaller();
    IRequest<GetFederationTokenRequest> marshalled = marshaller.Marshall(getFederationTokenRequest);

    // Invoke receives the marshalled request, this client's signer and the response unmarshaller.
    return Invoke<GetFederationTokenRequest, GetFederationTokenResponse>(
        marshalled,
        this.signer,
        GetFederationTokenResponseUnmarshaller.GetInstance());
}
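/// <summary>
/// Obtains temporary federated-user credentials whose session policy allows only
/// <c>s3:ListBucket</c> on the named bucket.
/// </summary>
/// <param name="bucketName">
/// Name of the bucket the credentials may list. Only ASCII letters, digits, '.', '-' and '_'
/// are accepted, because the value is embedded in the policy document.
/// </param>
/// <returns>Session credentials (access key id, secret key, session token) valid for 7200 seconds.</returns>
/// <exception cref="System.ArgumentException">
/// <paramref name="bucketName"/> is null, empty, or contains a character outside the accepted set.
/// </exception>
public static async Task<SessionAWSCredentials> GetTemporaryFederatedCredentialsAsync(string bucketName)
{
    // bucketName is concatenated into the policy JSON below. A quote, backslash or
    // wildcard in it would change the shape or scope of the policy, so reject anything
    // that is not a plain bucket-name character before building the document.
    if (string.IsNullOrEmpty(bucketName))
    {
        throw new System.ArgumentException("Bucket name must not be null or empty.", "bucketName");
    }

    foreach (char c in bucketName)
    {
        bool allowed = (c >= 'a' && c <= 'z')
            || (c >= 'A' && c <= 'Z')
            || (c >= '0' && c <= '9')
            || c == '.' || c == '-' || c == '_';
        if (!allowed)
        {
            throw new System.ArgumentException("Bucket name contains a character that is not allowed in a policy resource.", "bucketName");
        }
    }

    var config = new AmazonSecurityTokenServiceConfig();

    var federationTokenRequest = new GetFederationTokenRequest();
    federationTokenRequest.DurationSeconds = 7200;
    federationTokenRequest.Name = "User1";
    federationTokenRequest.Policy = @"{ ""Statement"": [ { ""Sid"":""Stmt1311212314284"", ""Action"":[""s3:ListBucket""], ""Effect"":""Allow"", ""Resource"":""arn:aws:s3:::" + bucketName + @""" } ] } ";

    // The client is only needed for this one call; dispose it afterwards.
    using (var stsClient = new AmazonSecurityTokenServiceClient(config))
    {
        GetFederationTokenResponse federationTokenResponse =
            await stsClient.GetFederationTokenAsync(federationTokenRequest);

        Credentials credentials = federationTokenResponse.Credentials;

        return new SessionAWSCredentials(
            credentials.AccessKeyId,
            credentials.SecretAccessKey,
            credentials.SessionToken);
    }
}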
/// <summary>
/// Calls GetFederationToken through the asynchronous client API and checks that the
/// returned credentials and federated-user identifiers look as expected.
/// </summary>
public void TestGetFederationTokenAsync()
{
    // Wildcard session policy. A session policy can only narrow what the calling identity
    // is already allowed to do, so the returned credentials carry the caller's full
    // permissions; run this test under a low-privilege identity.
    var request = new GetFederationTokenRequest
    {
        Policy = @"{""Statement"":[{""Effect"":""Allow"",""Action"":""*"",""Resource"":""*""}]}",
        Name = "BillyBob",
        DurationSeconds = 3600
    };

    GetFederationTokenResponse response = null;

#if ASYNC_AWAIT
    // Task-based API: block on the task's result.
    response = Client.GetFederationTokenAsync(request).Result;
#else
    // Begin/End API: the callback stores the response, then the wait handle is awaited.
    var pending = Client.BeginGetFederationToken(
        request,
        ar =>
        {
            var stsClient = ar.AsyncState as AmazonSecurityTokenServiceClient;
            response = stsClient.EndGetFederationToken(ar);
        },
        Client);
    pending.AsyncWaitHandle.WaitOne();
#endif

    Thread.Sleep(TimeSpan.FromSeconds(5));

    Assert.IsNotNull(response);
    Assert.IsNotNull(response);

    var issued = response.Credentials;
    Assert.IsNotNull(issued.AccessKeyId);
    Assert.IsNotNull(issued.SecretAccessKey);
    Assert.IsNotNull(issued.SessionToken);
    Assert.IsNotNull(issued.Expiration);

    // The requested lifetime is one hour; accept an expiration within five minutes of that.
    var expectedExpiry = DateTime.Now.AddHours(1);
    var earliest = expectedExpiry.AddMinutes(-5);
    var latest = expectedExpiry.AddMinutes(5);
    var actualExpiry = response.Credentials.Expiration;
    Assert.IsTrue(actualExpiry > earliest);
    Assert.IsTrue(actualExpiry < latest);

    // Both identifiers are expected to end with the requested federated user name.
    var federatedUser = response.FederatedUser;
    Assert.IsNotNull(federatedUser.FederatedUserId);
    Assert.IsNotNull(federatedUser.Arn);
    Assert.IsTrue(federatedUser.FederatedUserId.EndsWith(request.Name, StringComparison.OrdinalIgnoreCase));
    Assert.IsTrue(federatedUser.Arn.EndsWith(request.Name, StringComparison.OrdinalIgnoreCase));
}
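/// <summary>
/// Requests temporary federated-user credentials from STS for the given application user.
/// </summary>
/// <param name="userName">Application user name; stored on the result and used to build the AWS user name.</param>
/// <returns>The access key id, secret access key, session token and expiration returned by STS.</returns>
/// <exception cref="Exception">STS returned no response, no result, or no credentials.</exception>
public static TemporaryAWSCredentials GetSecurityToken(string userName)
{
    AmazonSecurityTokenServiceConfig config = new AmazonSecurityTokenServiceConfig();
    GetFederationTokenResponse startSessionResponse;

    // The client is built from the keys returned by GetAccesskey()/GetSecretkey()
    // (per the original comment, the Web.config credentials). It is only needed for
    // this one call, so dispose it afterwards.
    using (AmazonSecurityTokenServiceClient client = new AmazonSecurityTokenServiceClient(
        GetAccesskey(), GetSecretkey(), config))
    {
        // Build the AWS user name.
        string awsUsername = BuildAWSUsername(userName);

        // NOTE(review): the policy is always built for UserType.Internal, so every
        // caller receives the internal-user policy regardless of who userName is.
        // Confirm this is intended before external users reach this path.
        string policy = BuildAWSPolicy(UserType.Internal);

        // DurationSeconds is 3600 * SESSION_DURATION; presumably SESSION_DURATION is in hours.
        GetFederationTokenRequest request = new GetFederationTokenRequest
        {
            DurationSeconds = 3600 * SESSION_DURATION,
            Name = awsUsername,
            Policy = policy
        };

        startSessionResponse = client.GetFederationToken(request);
    }

    // Treat a missing response, result or credentials object the same way, so the
    // caller sees one well-defined failure instead of a NullReferenceException.
    Credentials sessionCredentials = null;
    if (startSessionResponse != null && startSessionResponse.GetFederationTokenResult != null)
    {
        sessionCredentials = startSessionResponse.GetFederationTokenResult.Credentials;
    }

    if (sessionCredentials == null)
    {
        throw new Exception("Error in retrieving AWS temporary security creds,recieved NULL");
    }

    // Copy the returned keys and token into the result object.
    TemporaryAWSCredentials temporaryCreds = new TemporaryAWSCredentials();
    temporaryCreds.User = userName;
    temporaryCreds.AccessKeyId = sessionCredentials.AccessKeyId;
    temporaryCreds.SecretAccessKey = sessionCredentials.SecretAccessKey;
    temporaryCreds.Expiration = sessionCredentials.Expiration;
    temporaryCreds.Token = sessionCredentials.SessionToken;
    return temporaryCreds;
}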
/// <summary>
/// Calls GetFederationToken through the callback-based asynchronous API and checks that
/// the returned credentials and federated-user identifiers look as expected.
/// </summary>
public void TestGetFederationTokenAsync()
{
    // Wildcard session policy. A session policy can only narrow what the calling identity
    // is already allowed to do, so the returned credentials carry the caller's full
    // permissions; run this test under a low-privilege identity.
    var request = new GetFederationTokenRequest
    {
        Policy = @"{""Statement"":[{""Effect"":""Allow"",""Action"":""*"",""Resource"":""*""}]}",
        Name = "BillyBob",
        DurationSeconds = 3600
    };

    GetFederationTokenResponse response = null;
    AutoResetEvent completed = new AutoResetEvent(false);

    // The callback stores the response and signals the waiting test thread.
    Client.GetFederationTokenAsync(
        request,
        (result) =>
        {
            response = result.Response;
            completed.Set();
        },
        options);
    completed.WaitOne();

    Thread.Sleep(TimeSpan.FromSeconds(5));

    Assert.IsNotNull(response);

    var issued = response.Credentials;
    Assert.IsNotNull(issued.AccessKeyId);
    Assert.IsNotNull(issued.SecretAccessKey);
    Assert.IsNotNull(issued.SessionToken);
    Assert.IsNotNull(issued.Expiration);

    // The requested lifetime is one hour; accept an expiration within five minutes of that.
    var expectedExpiry = DateTime.Now.AddHours(1);
    var earliest = expectedExpiry.AddMinutes(-5);
    var latest = expectedExpiry.AddMinutes(5);
    var actualExpiry = response.Credentials.Expiration;
    Utils.AssertTrue(actualExpiry > earliest);
    Utils.AssertTrue(actualExpiry < latest);

    // Both identifiers are expected to end with the requested federated user name.
    var federatedUser = response.FederatedUser;
    Assert.IsNotNull(federatedUser.FederatedUserId);
    Assert.IsNotNull(federatedUser.Arn);
    Utils.AssertTrue(federatedUser.FederatedUserId.EndsWith(request.Name, StringComparison.OrdinalIgnoreCase));
    Utils.AssertTrue(federatedUser.Arn.EndsWith(request.Name, StringComparison.OrdinalIgnoreCase));
}
/// <summary>
/// Builds a <see cref="GetFederationTokenResponse"/> from the JSON response of the service.
/// </summary>
/// <param name="context">JSON unmarshaller context wrapping the response.</param>
/// <returns>The response object; only its Credentials member is populated here.</returns>
public override AmazonWebServiceResponse Unmarshall(JsonUnmarshallerContext context)
{
    var result = new GetFederationTokenResponse();

    context.Read();
    int rootDepth = context.CurrentDepth;

    while (context.ReadAtDepth(rootDepth))
    {
        // "Credentials" is the only member this unmarshaller looks for.
        if (!context.TestExpression("Credentials", rootDepth))
        {
            continue;
        }

        result.Credentials = CredentialsUnmarshaller.Instance.Unmarshall(context);
    }

    return result;
}
/// <summary>
/// Copies the Credentials, FederatedUser and PackedPolicySize elements found in the
/// XML stream into <paramref name="response"/>.
/// </summary>
/// <param name="context">XML unmarshaller context to read from.</param>
/// <param name="response">Response object that receives the parsed values.</param>
private static void UnmarshallResult(XmlUnmarshallerContext context, GetFederationTokenResponse response)
{
    int startDepth = context.CurrentDepth;

    // Child elements are matched one level below the starting depth; two more
    // levels are added when the context reports it is at the start of the document.
    int childDepth = context.IsStartOfDocument ? startDepth + 3 : startDepth + 1;

    while (context.Read())
    {
        if (context.IsStartElement || context.IsAttribute)
        {
            if (context.TestExpression("Credentials", childDepth))
            {
                response.Credentials = CredentialsUnmarshaller.GetInstance().Unmarshall(context);
            }
            else if (context.TestExpression("FederatedUser", childDepth))
            {
                response.FederatedUser = FederatedUserUnmarshaller.GetInstance().Unmarshall(context);
            }
            else if (context.TestExpression("PackedPolicySize", childDepth))
            {
                response.PackedPolicySize = IntUnmarshaller.GetInstance().Unmarshall(context);
            }
        }
        else if (context.IsEndElement && context.CurrentDepth < startDepth)
        {
            // An end element above the starting depth means the result element is finished.
            break;
        }
    }
}
/// <summary>
/// Calls GetFederationToken through the task-based asynchronous API and checks that the
/// returned credentials and federated-user identifiers look as expected.
/// </summary>
public void TestGetFederationTokenAsync()
{
    // Wildcard session policy. A session policy can only narrow what the calling identity
    // is already allowed to do, so the returned credentials carry the caller's full
    // permissions; run this test under a low-privilege identity.
    var request = new GetFederationTokenRequest
    {
        Policy = @"{""Statement"":[{""Effect"":""Allow"",""Action"":""*"",""Resource"":""*""}]}",
        Name = "BillyBob",
        DurationSeconds = 3600
    };

    // Block on the task's result.
    GetFederationTokenResponse response = null;
    response = Client.GetFederationTokenAsync(request).Result;

    UtilityMethods.Sleep(TimeSpan.FromSeconds(5));

    Assert.IsNotNull(response);
    Assert.IsNotNull(response);

    var issued = response.Credentials;
    Assert.IsNotNull(issued.AccessKeyId);
    Assert.IsNotNull(issued.SecretAccessKey);
    Assert.IsNotNull(issued.SessionToken);
    Assert.IsNotNull(issued.Expiration);

    // The requested lifetime is one hour; accept an expiration within five minutes of that.
    var expectedExpiry = DateTime.Now.AddHours(1);
    var earliest = expectedExpiry.AddMinutes(-5);
    var latest = expectedExpiry.AddMinutes(5);
    var actualExpiry = response.Credentials.Expiration;
    Assert.IsTrue(actualExpiry > earliest);
    Assert.IsTrue(actualExpiry < latest);

    // Both identifiers are expected to end with the requested federated user name.
    var federatedUser = response.FederatedUser;
    Assert.IsNotNull(federatedUser.FederatedUserId);
    Assert.IsNotNull(federatedUser.Arn);
    Assert.IsTrue(federatedUser.FederatedUserId.EndsWith(request.Name, StringComparison.OrdinalIgnoreCase));
    Assert.IsTrue(federatedUser.Arn.EndsWith(request.Name, StringComparison.OrdinalIgnoreCase));
}
/// <summary>
/// Builds a <see cref="GetFederationTokenResponse"/> from the XML response of the service.
/// </summary>
/// <param name="context">XML unmarshaller context wrapping the response.</param>
/// <returns>The response with its result and response metadata filled in where present.</returns>
public override AmazonWebServiceResponse Unmarshall(XmlUnmarshallerContext context)
{
    var result = new GetFederationTokenResponse();

    while (context.Read())
    {
        if (!context.IsStartElement)
        {
            continue;
        }

        if (context.TestExpression("GetFederationTokenResult", 2))
        {
            result.GetFederationTokenResult =
                GetFederationTokenResultUnmarshaller.GetInstance().Unmarshall(context);
        }
        else if (context.TestExpression("ResponseMetadata", 2))
        {
            result.ResponseMetadata = ResponseMetadataUnmarshaller.GetInstance().Unmarshall(context);
        }
    }

    return result;
}
/// <summary>
/// Builds a <see cref="GetFederationTokenResponse"/> from the XML response of the service.
/// </summary>
/// <param name="context">XML unmarshaller context wrapping the response.</param>
/// <returns>The populated response object.</returns>
public override AmazonWebServiceResponse Unmarshall(XmlUnmarshallerContext context)
{
    GetFederationTokenResponse result = new GetFederationTokenResponse();

    context.Read();
    int rootDepth = context.get_CurrentDepth();

    while (context.ReadAtDepth(rootDepth))
    {
        if (!context.get_IsStartElement())
        {
            continue;
        }

        if (context.TestExpression("GetFederationTokenResult", 2))
        {
            // The result element holds the credentials and federated-user data.
            UnmarshallResult(context, result);
        }
        else if (context.TestExpression("ResponseMetadata", 2))
        {
            result.set_ResponseMetadata(ResponseMetadataUnmarshaller.get_Instance().Unmarshall(context));
        }
    }

    return result;
}
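/// <summary>
/// Requests a temporary federation token from the STS endpoint and returns the
/// response serialized as JSON.
/// </summary>
/// <param name="values">
/// Input map. Reads "secretId", "secretKey", "region", "bucket", "allowPrefix" (strings),
/// "allowActions" (string[]) and "durationSeconds" (Int32); a missing key makes the
/// dictionary indexer throw.
/// </param>
/// <returns>
/// The JSON form of the GetFederationToken response. It contains the issued temporary
/// credentials, so handle it as a secret and keep it out of logs.
/// </returns>
public static string genCredential(Dictionary<string, object> values)
{
    // Long-term key pair used to sign the STS request.
    Credential cred = new Credential
    {
        SecretId = (string)values["secretId"],
        SecretKey = (string)values["secretKey"]
    };

    ClientProfile clientProfile = new ClientProfile();
    HttpProfile httpProfile = new HttpProfile();
    httpProfile.Endpoint = ("sts.tencentcloudapi.com");
    clientProfile.HttpProfile = httpProfile;

    // Build the session policy that scopes the temporary credentials.
    string region = (string)values["region"];
    string bucket = (string)values["bucket"];
    string allowPrefix = (string)values["allowPrefix"];
    string[] allowActions = (string[])values["allowActions"];
    string policy = getPolicy(region, bucket, allowPrefix, allowActions);

    Dictionary<string, object> body = new Dictionary<string, object>
    {
        { "DurationSeconds", (Int32)values["durationSeconds"] },
        { "Name", "cos-sts-sdk-dotnet" },
        { "Policy", policy }
    };

    StsClient client = new StsClient(cred, region, clientProfile);

    // The request is created directly from the JSON body; no placeholder instance is
    // allocated first, since it would be discarded immediately.
    string strParams = JsonConvert.SerializeObject(body);
    GetFederationTokenRequest req = GetFederationTokenRequest.FromJsonString<GetFederationTokenRequest>(strParams);

    // Blocks the calling thread until the asynchronous SDK call completes.
    GetFederationTokenResponse resp = client.GetFederationToken(req)
        .ConfigureAwait(false).GetAwaiter().GetResult();

    return JsonConvert.SerializeObject(resp);
}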
/// <summary>
/// Gets temporary access credentials for a federated identity.
/// </summary>
/// <returns>The response returned by the STS client's GetFederationTokenSync call.</returns>
public GetFederationTokenResponse GetFederationToken()
{
    // Long-term key pair taken from the COS configuration.
    var credential = new Credential
    {
        SecretId = _cosConfig.SecretId,
        SecretKey = _cosConfig.SecretKey
    };

    var profile = new ClientProfile();
    profile.HttpProfile = new HttpProfile { Endpoint = _cosConfig.EndPoint };

    var stsClient = new StsClient(credential, _cosConfig.Region, profile);

    // The policy document is URL-encoded before it is placed on the request.
    var request = new GetFederationTokenRequest();
    request.Name = _cosConfig.Name;
    request.Policy = HttpUtility.UrlEncode(_cosConfig.Policy);
    request.DurationSeconds = _cosConfig.DurationSeconds;

    return stsClient.GetFederationTokenSync(request);
}
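/// <summary>
/// Requests a temporary federation token from STS and returns the response as a dictionary.
/// </summary>
/// <param name="values">
/// Input map. "secretId", "secretKey" and "region" are checked first. Optional keys:
/// "Domain" (STS endpoint host), "policy" (ready-made policy string) and
/// "durationSeconds" (Int32, default 1800). Without "policy", "bucket" and "allowActions"
/// are checked and one of "allowPrefix" / "allowPrefixes" must be present.
/// </param>
/// <returns>
/// The deserialized GetFederationToken response, plus "StartTime" (ExpiredTime minus the
/// duration) when the response has an "ExpiredTime" entry. The dictionary contains the
/// issued temporary credentials, so handle it as a secret and keep it out of logs.
/// </returns>
/// <exception cref="System.ArgumentException">
/// No policy was supplied and neither "allowPrefix" nor "allowPrefixes" is present.
/// </exception>
public static Dictionary<string, object> genCredential(Dictionary<string, object> values)
{
    // checkArguments is defined elsewhere; presumably it rejects missing keys.
    checkArguments(values, new string[] { "secretId", "secretKey", "region" });

    // Long-term key pair used to sign the STS request.
    Credential cred = new Credential
    {
        SecretId = (string)values["secretId"],
        SecretKey = (string)values["secretKey"]
    };
    string region = (string)values["region"];

    ClientProfile clientProfile = new ClientProfile();
    HttpProfile httpProfile = new HttpProfile();

    // "Domain" overrides the endpoint host. The request is signed with the long-term
    // key above, so this value should come from trusted configuration only.
    object domainValue;
    String endpoint = values.TryGetValue("Domain", out domainValue)
        ? (string)domainValue
        : "sts.tencentcloudapi.com";
    httpProfile.Endpoint = endpoint;
    clientProfile.HttpProfile = httpProfile;

    // Use the caller's policy when given; otherwise build one from bucket, actions and prefixes.
    object policyValue;
    string policy = values.TryGetValue("policy", out policyValue) ? (string)policyValue : null;
    if (policy == null)
    {
        checkArguments(values, new string[] { "bucket", "allowActions" });
        string bucket = (string)values["bucket"];
        string[] allowActions = (string[])values["allowActions"];

        // A single "allowPrefix" takes precedence over the "allowPrefixes" array.
        string[] allowPrefixes;
        object prefixValue;
        if (values.TryGetValue("allowPrefix", out prefixValue))
        {
            allowPrefixes = new string[] { (string)prefixValue };
        }
        else if (values.TryGetValue("allowPrefixes", out prefixValue))
        {
            allowPrefixes = (string[])prefixValue;
        }
        else
        {
            throw new System.ArgumentException("allowPrefix and allowPrefixes are both null.");
        }

        policy = getPolicy(region, bucket, allowPrefixes, allowActions);
    }

    // Credential lifetime in seconds.
    Int32 durationSeconds = 1800;
    object durationValue;
    if (values.TryGetValue("durationSeconds", out durationValue))
    {
        durationSeconds = (Int32)durationValue;
    }

    Dictionary<string, object> body = new Dictionary<string, object>
    {
        { "DurationSeconds", durationSeconds },
        { "Name", "cos-sts-sdk-dotnet" },
        { "Policy", policy }
    };

    StsClient client = new StsClient(cred, region, clientProfile);

    // The request is created directly from the JSON body; no placeholder instance is
    // allocated first, since it would be discarded immediately.
    string strParams = JsonConvert.SerializeObject(body);
    GetFederationTokenRequest req = GetFederationTokenRequest.FromJsonString<GetFederationTokenRequest>(strParams);
    GetFederationTokenResponse resp = client.GetFederationTokenSync(req);

    // Round-trip through JSON to turn the typed response into a plain dictionary.
    string jsonString = JsonConvert.SerializeObject(resp);
    Dictionary<string, object> dic = JsonConvert.DeserializeObject<Dictionary<string, object>>(jsonString);
    if (dic.ContainsKey("ExpiredTime"))
    {
        dic.Add("StartTime", Int32.Parse(dic["ExpiredTime"].ToString()) - durationSeconds);
    }

    return dic;
}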