public void GenerateAuthTokenNullCredentials()
{
AssertExtensions.ExpectException(() =>
{
RDSAuthTokenGenerator.GenerateAuthToken((AWSCredentials)null, DBHost, DBPort, DBUser);
}, typeof(ArgumentNullException));
}
public void GenerateAuthTokenHighPort()
{
AssertExtensions.ExpectException(() =>
{
RDSAuthTokenGenerator.GenerateAuthToken(DBHost, 100000, DBUser);
}, typeof(ArgumentException));
}
public void GenerateAuthTokenNullRegion()
{
AssertExtensions.ExpectException(() =>
{
RDSAuthTokenGenerator.GenerateAuthToken((RegionEndpoint)null, DBHost, DBPort, DBUser);
}, typeof(ArgumentNullException));
}
public void GenerateAuthTokenEmptyDBUser()
{
AssertExtensions.ExpectException(() =>
{
RDSAuthTokenGenerator.GenerateAuthToken(DBHost, DBPort, " ");
}, typeof(ArgumentException));
}
public void GenerateAuthTokenEmptyHostname()
{
AssertExtensions.ExpectException(() =>
{
RDSAuthTokenGenerator.GenerateAuthToken(AWSRegion, " ", DBPort, DBUser);
}, typeof(ArgumentException));
}
public void GenerateAuthTokenLowPort()
{
AssertExtensions.ExpectException(() =>
{
RDSAuthTokenGenerator.GenerateAuthToken(AWSRegion, DBHost, -1, DBUser);
}, typeof(ArgumentException));
}
public static string GenerateRDSToken(String hostName, int port, String username)
{
var region = Amazon.RegionEndpoint.APSoutheast2;
var result = RDSAuthTokenGenerator.GenerateAuthToken(region, hostName, port, username);
return(result);
}
public void GenerateAuthTokenNullDBUser()
{
AssertExtensions.ExpectException(() =>
{
RDSAuthTokenGenerator.GenerateAuthToken(AWSRegion, DBHost, DBPort, null);
}, typeof(ArgumentException));
}
/*
* Activation of this module requires an app.config file with a MySQL section, this applies to both .NET Framework and .NET Core applications
* first add a new section to config sections for MySQL
* <section name="MySQL" type="MySql.Data.MySqlClient.MySqlConfiguration,MySql.Data"/>
* then add a MySQL section that looks like this
* <MySQL>
* <Replication>
* <ServerGroups>
* </ServerGroups>
* </Replication>
* <CommandInterceptors/>
* <ExceptionInterceptors/>
* <AuthenticationPlugins>
* <add name="mysql_clear_password" type="ReportingXpress.Common.AWS.RDS.MySQLRoleAuthenticationPlugin, ReportingXpress.Common"></add>
* </AuthenticationPlugins>
* </MySQL>
*/
///// <summary>
///// generate a new RDS authentication ticket
///// </summary>
///// <param name="serverName"></param>
///// <param name="portNumber"></param>
///// <param name="userId"></param>
///// <returns></returns>
protected override ExpiringRDSTicket GetRDSAuthenticationTicket(string serverName, int portNumber, string userId)
{
serverName = VerifyRdsAddress(serverName);
ExpiringRDSTicket returnValue = new ExpiringRDSTicket();
RegionEndpoint regionEndPoint = FallbackRegionFactory.GetRegionEndpoint();
AWSCredentials roleCredentials = new InstanceProfileAWSCredentials();
returnValue.AuthorizationTicket = RDSAuthTokenGenerator.GenerateAuthToken(roleCredentials, regionEndPoint, serverName, portNumber, userId);
//tickets expire in 15 minutes, but Windows time drift is up to a minute in this case, so give it a buffer of 3 minutes
returnValue.ExpiresUtc = DateTime.UtcNow.AddMinutes(14);
return(returnValue);
}
/// <summary>
/// This is the required method signature for NpgsqlConnection.ProviderPasswordCallback
/// </summary>
public string GenerateAwsIamAuthToken(string host, int port, string database, string username)
{
if (username.StartsWith(_usernamePrefix))
{
_logger.LogInformation("Generating iam auth token for {username}", username);
return(RDSAuthTokenGenerator.GenerateAuthToken(host, port, username));
}
else
{
_logger.LogDebug("Skip generating iam auth token because {username} does not match {prefix}", username,
_usernamePrefix);
return(null);
}
}
public void GenerateAuthTokenNoRegionNoCredentials()
{
AssertAuthToken(RDSAuthTokenGenerator.GenerateAuthToken(DBHost, DBPort, DBUser), AccessKey, AWSRegion);
}
public void GenerateAuthTokenSession()
{
AssertAuthToken(RDSAuthTokenGenerator.GenerateAuthToken(SessionCredentials,
AWSRegion, DBHost, DBPort, DBUser), AccessKey, AWSRegion, true);
}
public void GenerateAuthTokenBasic()
{
AssertAuthToken(RDSAuthTokenGenerator.GenerateAuthToken(BasicCredentials,
AWSRegion, DBHost, DBPort, DBUser), AccessKey, AWSRegion);
}
public void GenerateAuthTokenNoRegionNoCredentials()
{
AssertAuthToken(RDSAuthTokenGenerator.GenerateAuthToken(DBHost, DBPort, DBUser), AccessKey, FallbackRegionFactory.GetRegionEndpoint());
}
