Пример #1
0
    public override AccessCredentials GetCredentials()
    {
        Validate();
        var url = CustomEndPoint;

        if (CustomEndPoint == null)
        {
            var region = Environment.GetEnvironmentVariable("AWS_REGION");
            if (string.IsNullOrWhiteSpace(region))
            {
                url = RequestUtil.MakeTargetURL("sts.amazonaws.com", true);
            }
            else
            {
                url = RequestUtil.MakeTargetURL("sts." + region + ".amazonaws.com", true);
            }
        }

        ClientProvider provider = new WebIdentityProvider()
                                  .WithSTSEndpoint(url)
                                  .WithRoleAction("AssumeRoleWithWebIdentity")
                                  .WithDurationInSeconds(null)
                                  .WithPolicy(null)
                                  .WithRoleARN(Environment.GetEnvironmentVariable("AWS_ROLE_ARN"))
                                  .WithRoleSessionName(Environment.GetEnvironmentVariable("AWS_ROLE_SESSION_NAME"));

        Credentials = provider.GetCredentials();
        return(Credentials);
    }
Пример #2
0
    internal AccessCredentials GetAccessCredentials(string tokenFile)
    {
        Validate();
        var url    = CustomEndPoint;
        var urlStr = url.Authority;

        if (url == null || string.IsNullOrWhiteSpace(urlStr))
        {
            var region = Environment.GetEnvironmentVariable("AWS_REGION");
            urlStr = region == null ? "https://sts.amazonaws.com" : "https://sts." + region + ".amazonaws.com";
            url    = new Uri(urlStr);
        }

        ClientProvider provider = new WebIdentityProvider()
                                  .WithJWTSupplier(() =>
        {
            var tokenContents = File.ReadAllText(tokenFile);
            return(new JsonWebToken(tokenContents, 0));
        })
                                  .WithSTSEndpoint(url)
                                  .WithDurationInSeconds(null)
                                  .WithPolicy(null)
                                  .WithRoleARN(Environment.GetEnvironmentVariable("AWS_ROLE_ARN"))
                                  .WithRoleSessionName(Environment.GetEnvironmentVariable("AWS_ROLE_SESSION_NAME"));

        Credentials = provider.GetCredentials();
        return(Credentials);
    }