public object Execute(ExecutorContext context)
{
var cmdletContext = context as CmdletContext;
// create request
var request = new Amazon.SecurityToken.Model.GetSessionTokenRequest();
if (cmdletContext.DurationInSeconds != null)
{
request.DurationSeconds = cmdletContext.DurationInSeconds.Value;
}
if (cmdletContext.SerialNumber != null)
{
request.SerialNumber = cmdletContext.SerialNumber;
}
if (cmdletContext.TokenCode != null)
{
request.TokenCode = cmdletContext.TokenCode;
}
CmdletOutput output;
// issue call
var client = Client ?? CreateClient(_CurrentCredentials, _RegionEndpoint);
try
{
var response = CallAWSServiceOperation(client, request);
object pipelineOutput = null;
pipelineOutput = cmdletContext.Select(response, this);
output = new CmdletOutput
{
PipelineOutput = pipelineOutput,
ServiceResponse = response
};
}
catch (Exception e)
{
output = new CmdletOutput {
ErrorResponse = e
};
}
return(output);
}
/// <summary>
/// Initiates the asynchronous execution of the GetSessionToken operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetSessionToken operation on AmazonSecurityTokenServiceClient.</param>
/// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes.</param>
/// <param name="state">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
///
/// <returns>An IAsyncResult that can be used to poll or wait for results, or both; this value is also needed when invoking EndGetSessionToken
/// operation.</returns>
public IAsyncResult BeginGetSessionToken(GetSessionTokenRequest request, AsyncCallback callback, object state)
{
var marshaller = new GetSessionTokenRequestMarshaller();
var unmarshaller = GetSessionTokenResponseUnmarshaller.Instance;
return BeginInvoke<GetSessionTokenRequest>(request, marshaller, unmarshaller,
callback, state);
}
/// <summary>
/// Returns a set of temporary credentials for an AWS account or IAM user. The credentials
/// consist of an access key ID, a secret access key, and a security token. Typically,
/// you use <code>GetSessionToken</code> if you want to use MFA to protect programmatic
/// calls to specific AWS APIs like Amazon EC2 <code>StopInstances</code>. MFA-enabled
/// IAM users would need to call <code>GetSessionToken</code> and submit an MFA code that
/// is associated with their MFA device. Using the temporary security credentials that
/// are returned from the call, IAM users can then make programmatic calls to APIs that
/// require MFA authentication. If you do not supply a correct MFA code, then the API
/// returns an access denied error.
///
///
/// <para>
/// The <code>GetSessionToken</code> action must be called by using the long-term AWS
/// security credentials of the AWS account or an IAM user. Credentials that are created
/// by IAM users are valid for the duration that you specify, between 900 seconds (15
/// minutes) and 129600 seconds (36 hours); credentials that are created by using account
/// credentials have a maximum duration of 3600 seconds (1 hour).
/// </para>
/// <note>
/// <para>
/// We recommend that you do not call <code>GetSessionToken</code> with root account credentials.
/// Instead, follow our <a href="http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users">best
/// practices</a> by creating one or more IAM users, giving them the necessary permissions,
/// and using IAM users for everyday interaction with AWS.
/// </para>
/// </note>
/// <para>
/// The permissions associated with the temporary security credentials returned by <code>GetSessionToken</code>
/// are based on the permissions associated with account or IAM user whose credentials
/// are used to call the action. If <code>GetSessionToken</code> is called using root
/// account credentials, the temporary credentials have root account permissions. Similarly,
/// if <code>GetSessionToken</code> is called using the credentials of an IAM user, the
/// temporary credentials have the same permissions as the IAM user.
/// </para>
///
/// <para>
/// For more information about using <code>GetSessionToken</code> to create temporary
/// credentials, go to <a href="http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken">Temporary
/// Credentials for Users in Untrusted Environments</a> in the <i>Using IAM</i>.
/// </para>
/// </summary>
/// <param name="request">Container for the necessary parameters to execute the GetSessionToken service method.</param>
///
/// <returns>The response from the GetSessionToken service method, as returned by SecurityTokenService.</returns>
public GetSessionTokenResponse GetSessionToken(GetSessionTokenRequest request)
{
var marshaller = new GetSessionTokenRequestMarshaller();
var unmarshaller = GetSessionTokenResponseUnmarshaller.Instance;
return Invoke<GetSessionTokenRequest,GetSessionTokenResponse>(request, marshaller, unmarshaller);
}
IAsyncResult invokeGetSessionToken(GetSessionTokenRequest getSessionTokenRequest, AsyncCallback callback, object state, bool synchronized)
{
IRequest irequest = new GetSessionTokenRequestMarshaller().Marshall(getSessionTokenRequest);
var unmarshaller = GetSessionTokenResponseUnmarshaller.GetInstance();
AsyncResult result = new AsyncResult(irequest, callback, state, synchronized, signer, unmarshaller);
Invoke(result);
return result;
}
/// <summary>
/// <para>The GetSessionToken action returns a set of temporary credentials for an AWS account or IAM user. The credentials consist of an Access
/// Key ID, a Secret Access Key, and a security token. These credentials are valid for the specified duration only. The session duration for IAM
/// users can be between one and 36 hours, with a default of 12 hours. The session duration for AWS account owners is restricted to one
/// hour.</para> <para>For more information about using GetSessionToken to create temporary credentials, go to Creating Temporary Credentials to
/// Enable Access for IAM Users in <i>Using IAM</i> .</para>
/// </summary>
///
/// <param name="getSessionTokenRequest">Container for the necessary parameters to execute the GetSessionToken service method on
/// AmazonSecurityTokenService.</param>
///
/// <returns>The response from the GetSessionToken service method, as returned by AmazonSecurityTokenService.</returns>
///
public GetSessionTokenResponse GetSessionToken(GetSessionTokenRequest getSessionTokenRequest)
{
IAsyncResult asyncResult = invokeGetSessionToken(getSessionTokenRequest, null, null, true);
return EndGetSessionToken(asyncResult);
}
/// <summary>
/// Initiates the asynchronous execution of the GetSessionToken operation.
/// <seealso cref="Amazon.SecurityToken.AmazonSecurityTokenService.GetSessionToken"/>
/// </summary>
///
/// <param name="getSessionTokenRequest">Container for the necessary parameters to execute the GetSessionToken operation on
/// AmazonSecurityTokenService.</param>
/// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes.</param>
/// <param name="state">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
///
/// <returns>An IAsyncResult that can be used to poll or wait for results, or both; this value is also needed when invoking EndGetSessionToken
/// operation.</returns>
public IAsyncResult BeginGetSessionToken(GetSessionTokenRequest getSessionTokenRequest, AsyncCallback callback, object state)
{
return invokeGetSessionToken(getSessionTokenRequest, callback, state, false);
}
private Amazon.SecurityToken.Model.GetSessionTokenResponse CallAWSServiceOperation(IAmazonSecurityTokenService client, Amazon.SecurityToken.Model.GetSessionTokenRequest request)
{
Utils.Common.WriteVerboseEndpointMessage(this, client.Config, "AWS Security Token Service (STS)", "GetSessionToken");
try
{
#if DESKTOP
return(client.GetSessionToken(request));
#elif CORECLR
return(client.GetSessionTokenAsync(request).GetAwaiter().GetResult());
#else
#error "Unknown build edition"
#endif
}
catch (AmazonServiceException exc)
{
var webException = exc.InnerException as System.Net.WebException;
if (webException != null)
{
throw new Exception(Utils.Common.FormatNameResolutionFailureMessage(client.Config, webException.Message), webException);
}
throw;
}
}
/// <summary>
/// Initiates the asynchronous execution of the GetSessionToken operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetSessionToken operation.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The task object representing the asynchronous operation.</returns>
public Task<GetSessionTokenResponse> GetSessionTokenAsync(GetSessionTokenRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var marshaller = new GetSessionTokenRequestMarshaller();
var unmarshaller = GetSessionTokenResponseUnmarshaller.Instance;
return InvokeAsync<GetSessionTokenRequest,GetSessionTokenResponse>(request, marshaller,
unmarshaller, cancellationToken);
}
IAsyncResult invokeGetSessionToken(GetSessionTokenRequest request, AsyncCallback callback, object state, bool synchronized)
{
var marshaller = new GetSessionTokenRequestMarshaller();
var unmarshaller = GetSessionTokenResponseUnmarshaller.Instance;
return Invoke(request, callback, state, synchronized, marshaller, unmarshaller, signer);
}
/// <summary>
/// Initiates the asynchronous execution of the GetSessionToken operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetSessionToken operation on AmazonSecurityTokenServiceClient.</param>
/// <param name="callback">An Action delegate that is invoked when the operation completes.</param>
/// <param name="options">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
public void GetSessionTokenAsync(GetSessionTokenRequest request, AmazonServiceCallback<GetSessionTokenRequest, GetSessionTokenResponse> callback, AsyncOptions options = null)
{
options = options == null?new AsyncOptions():options;
var marshaller = new GetSessionTokenRequestMarshaller();
var unmarshaller = GetSessionTokenResponseUnmarshaller.Instance;
Action<AmazonWebServiceRequest, AmazonWebServiceResponse, Exception, AsyncOptions> callbackHelper = null;
if(callback !=null )
callbackHelper = (AmazonWebServiceRequest req, AmazonWebServiceResponse res, Exception ex, AsyncOptions ao) => {
AmazonServiceResult<GetSessionTokenRequest,GetSessionTokenResponse> responseObject
= new AmazonServiceResult<GetSessionTokenRequest,GetSessionTokenResponse>((GetSessionTokenRequest)req, (GetSessionTokenResponse)res, ex , ao.State);
callback(responseObject);
};
BeginInvoke<GetSessionTokenRequest>(request, marshaller, unmarshaller, options, callbackHelper);
}
/// <summary>
/// <para> Returns a set of temporary credentials for an AWS account or IAM user. The credentials consist of an access key ID, a secret access
/// key, and a security token. Typically, you use <c>GetSessionToken</c> if you want use MFA to protect programmatic calls to specific AWS APIs
/// like Amazon EC2 <c>StopInstances</c> . MFA-enabled IAM users would need to call <c>GetSessionToken</c> and submit an MFA code that is
/// associated with their MFA device. Using the temporary security credentials that are returned from the call, IAM users can then make
/// programmatic calls to APIs that require MFA authentication. </para> <para> The <c>GetSessionToken</c> action must be called by using the
/// long-term AWS security credentials of the AWS account or an IAM user. Credentials that are created by IAM users are valid for the duration
/// that you specify, between 900 seconds (15 minutes) and 129600 seconds (36 hours); credentials that are created by using account credentials
/// have a maximum duration of 3600 seconds (1 hour). </para> <para>Optionally, you can pass an AWS IAM access policy to this operation. The
/// temporary security credentials that are returned by the operation have the permissions that are associated with the entity that is making
/// the <c>GetSessionToken</c> call, except for any permissions explicitly denied by the policy you pass. This gives you a way to further
/// restrict the permissions for the federated user. These policies and any applicable resource-based policies are evaluated when calls to AWS
/// are made using the temporary security credentials. </para> <para>For more information about using <c>GetSessionToken</c> to create temporary
/// credentials, go to <a href="http://docs.aws.amazon.com/IAM/latest/UserGuide/CreatingSessionTokens.html"> Creating Temporary Credentials to
/// Enable Access for IAM Users </a> in <i>Using IAM</i> .
/// </para>
/// </summary>
///
/// <param name="getSessionTokenRequest">Container for the necessary parameters to execute the GetSessionToken service method on
/// AmazonSecurityTokenService.</param>
///
/// <returns>The response from the GetSessionToken service method, as returned by AmazonSecurityTokenService.</returns>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
public Task<GetSessionTokenResponse> GetSessionTokenAsync(GetSessionTokenRequest getSessionTokenRequest, CancellationToken cancellationToken = default(CancellationToken))
{
var marshaller = new GetSessionTokenRequestMarshaller();
var unmarshaller = GetSessionTokenResponseUnmarshaller.GetInstance();
return Invoke<IRequest, GetSessionTokenRequest, GetSessionTokenResponse>(getSessionTokenRequest, marshaller, unmarshaller, signer, cancellationToken);
}
internal GetSessionTokenResponse GetSessionToken(GetSessionTokenRequest request)
{
var task = GetSessionTokenAsync(request);
try
{
return task.Result;
}
catch(AggregateException e)
{
throw e.InnerException;
}
}
internal GetSessionTokenResponse GetSessionToken(GetSessionTokenRequest request)
{
var task = GetSessionTokenAsync(request);
try
{
return task.Result;
}
catch(AggregateException e)
{
ExceptionDispatchInfo.Capture(e.InnerException).Throw();
return null;
}
}
/// <summary>
/// Initiates the asynchronous execution of the GetSessionToken operation.
/// <seealso cref="Amazon.SecurityToken.IAmazonSecurityTokenService.GetSessionToken"/>
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetSessionToken operation.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The task object representing the asynchronous operation.</returns>
public async Task<GetSessionTokenResponse> GetSessionTokenAsync(GetSessionTokenRequest request, CancellationToken cancellationToken = default(CancellationToken))
{
var marshaller = new GetSessionTokenRequestMarshaller();
var unmarshaller = GetSessionTokenResponseUnmarshaller.GetInstance();
var response = await Invoke<IRequest, GetSessionTokenRequest, GetSessionTokenResponse>(request, marshaller, unmarshaller, signer, cancellationToken)
.ConfigureAwait(continueOnCapturedContext: false);
return response;
}
/// <summary>
/// </summary>
///
/// <param name="getSessionTokenRequest">Container for the necessary parameters to execute the GetSessionToken service method on
/// AmazonSecurityTokenService.</param>
///
/// <returns>The response from the GetSessionToken service method, as returned by AmazonSecurityTokenService.</returns>
///
public GetSessionTokenResponse GetSessionToken(GetSessionTokenRequest getSessionTokenRequest)
{
IRequest<GetSessionTokenRequest> request = new GetSessionTokenRequestMarshaller().Marshall(getSessionTokenRequest);
GetSessionTokenResponse response = Invoke<GetSessionTokenRequest, GetSessionTokenResponse> (request, this.signer, GetSessionTokenResponseUnmarshaller.GetInstance());
return response;
}
