public override AccessCredentials GetCredentials()
{
Validate();
var url = CustomEndPoint;
if (CustomEndPoint == null)
{
var region = Environment.GetEnvironmentVariable("AWS_REGION");
if (string.IsNullOrWhiteSpace(region))
{
url = RequestUtil.MakeTargetURL("sts.amazonaws.com", true);
}
else
{
url = RequestUtil.MakeTargetURL("sts." + region + ".amazonaws.com", true);
}
}
ClientProvider provider = new WebIdentityProvider()
.WithSTSEndpoint(url)
.WithRoleAction("AssumeRoleWithWebIdentity")
.WithDurationInSeconds(null)
.WithPolicy(null)
.WithRoleARN(Environment.GetEnvironmentVariable("AWS_ROLE_ARN"))
.WithRoleSessionName(Environment.GetEnvironmentVariable("AWS_ROLE_SESSION_NAME"));
Credentials = provider.GetCredentials();
return(Credentials);
}
internal AccessCredentials GetAccessCredentials(string tokenFile)
{
Validate();
var url = CustomEndPoint;
var urlStr = url.Authority;
if (url == null || string.IsNullOrWhiteSpace(urlStr))
{
var region = Environment.GetEnvironmentVariable("AWS_REGION");
urlStr = region == null ? "https://sts.amazonaws.com" : "https://sts." + region + ".amazonaws.com";
url = new Uri(urlStr);
}
ClientProvider provider = new WebIdentityProvider()
.WithJWTSupplier(() =>
{
var tokenContents = File.ReadAllText(tokenFile);
return(new JsonWebToken(tokenContents, 0));
})
.WithSTSEndpoint(url)
.WithDurationInSeconds(null)
.WithPolicy(null)
.WithRoleARN(Environment.GetEnvironmentVariable("AWS_ROLE_ARN"))
.WithRoleSessionName(Environment.GetEnvironmentVariable("AWS_ROLE_SESSION_NAME"));
Credentials = provider.GetCredentials();
return(Credentials);
}
