com.amazonaws.auth.AWSCredentialsProviderChain Java Examples

The following examples show how to use com.amazonaws.auth.AWSCredentialsProviderChain. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: S3DaoImpl.java    From herd with Apache License 2.0 6 votes vote down vote up
/**
 * <p> Gets the {@link AWSCredentialsProvider} based on the credentials in the given parameters. </p> <p> Returns {@link DefaultAWSCredentialsProviderChain}
 * if either access or secret key is {@code null}. Otherwise returns a {@link StaticCredentialsProvider} with the credentials. </p>
 *
 * @param params - Access parameters
 *
 * @return AWS credentials provider implementation
 */
private AWSCredentialsProvider getAWSCredentialsProvider(S3FileTransferRequestParamsDto params)
{
    List<AWSCredentialsProvider> providers = new ArrayList<>();
    String accessKey = params.getAwsAccessKeyId();
    String secretKey = params.getAwsSecretKey();
    if (accessKey != null && secretKey != null)
    {
        providers.add(new StaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretKey)));
    }
    for (HerdAWSCredentialsProvider herdAWSCredentialsProvider : params.getAdditionalAwsCredentialsProviders())
    {
        providers.add(new HerdAwsCredentialsProviderWrapper(herdAWSCredentialsProvider));
    }
    providers.add(new DefaultAWSCredentialsProviderChain());
    return new AWSCredentialsProviderChain(providers.toArray(new AWSCredentialsProvider[providers.size()]));
}
 
Example #2
Source File: ContextCredentialsAutoConfigurationTest.java    From spring-cloud-aws with Apache License 2.0 6 votes vote down vote up
@Test
void credentialsProvider_accessKeyAndSecretKeyConfigured_configuresStaticCredentialsProviderWithAccessAndSecretKey() {
	// @checkstyle:on
	this.contextRunner.withPropertyValues(
			"cloud.aws.credentials.use-default-aws-credentials-chain:false",
			"cloud.aws.credentials.accessKey:foo",
			"cloud.aws.credentials.secretKey:bar").run((context) -> {
				AWSCredentialsProvider awsCredentialsProvider = context.getBean(
						AmazonWebserviceClientConfigurationUtils.CREDENTIALS_PROVIDER_BEAN_NAME,
						AWSCredentialsProviderChain.class);
				assertThat(awsCredentialsProvider).isNotNull();
				assertThat(
						awsCredentialsProvider.getCredentials().getAWSAccessKeyId())
								.isEqualTo("foo");
				assertThat(awsCredentialsProvider.getCredentials().getAWSSecretKey())
						.isEqualTo("bar");

				@SuppressWarnings("unchecked")
				List<CredentialsProvider> credentialsProviders = (List<CredentialsProvider>) ReflectionTestUtils
						.getField(awsCredentialsProvider, "credentialsProviders");
				assertThat(credentialsProviders).hasSize(1)
						.hasOnlyElementsOfType(AWSStaticCredentialsProvider.class);
			});
}
 
Example #3
Source File: AwsGlacierInventoryRetriever.java    From core with GNU General Public License v3.0 6 votes vote down vote up
/********************** Member Functions **************************/

	public AwsGlacierInventoryRetriever(String region) {
		// Get credentials from credentials file, environment variable, or 
		// Java property. 
		// See http://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/auth/DefaultAWSCredentialsProviderChain.html
		AWSCredentialsProviderChain credentialsProvider = 
				new DefaultAWSCredentialsProviderChain();
		AWSCredentials credentials = credentialsProvider.getCredentials();
		logger.debug("Read in credentials AWSAccessKeyId={} AWSSecretKey={}...",
				credentials.getAWSAccessKeyId(), 
				credentials.getAWSSecretKey().substring(0, 4));
		
		// Create the glacier client and set to specified region.
		glacierClient = new AmazonGlacierClient(credentials);
		glacierClient.setEndpoint("https://glacier." + region + ".amazonaws.com");
		
		// Set up params needed for retrieving vault inventory
        sqsClient = new AmazonSQSClient(credentials);
        sqsClient.setEndpoint("https://sqs." + region + ".amazonaws.com");
        snsClient = new AmazonSNSClient(credentials);
        snsClient.setEndpoint("https://sns." + region + ".amazonaws.com");
        setupSQS();
        setupSNS();
	}
 
Example #4
Source File: AWSLambdaConfiguration.java    From micronaut-aws with Apache License 2.0 5 votes vote down vote up
/**
 * Constructor.
 * @param clientConfiguration clientConfiguration
 * @param environment environment
 */
public AWSLambdaConfiguration(AWSClientConfiguration clientConfiguration, Environment environment) {
    this.clientConfiguration = clientConfiguration;

    this.builder.setCredentials(new AWSCredentialsProviderChain(
        new EnvironmentAWSCredentialsProvider(environment),
        new EnvironmentVariableCredentialsProvider(),
        new SystemPropertiesCredentialsProvider(),
        new ProfileCredentialsProvider(),
        new EC2ContainerCredentialsProviderWrapper()
    ));
}
 
Example #5
Source File: AWSCredentialsProviderPropertyValueDecoder.java    From amazon-kinesis-client with Apache License 2.0 5 votes vote down vote up
/**
 * Get AWSCredentialsProvider property.
 *
 * @param value
 *            property value as String
 * @return corresponding variable in correct type
 */
@Override
public AWSCredentialsProvider decodeValue(String value) {
    if (value != null) {
        List<String> providerNames = getProviderNames(value);
        List<AWSCredentialsProvider> providers = getValidCredentialsProviders(providerNames);
        AWSCredentialsProvider[] ps = new AWSCredentialsProvider[providers.size()];
        providers.toArray(ps);
        return new AWSCredentialsProviderChain(providers);
    } else {
        throw new IllegalArgumentException("Property AWSCredentialsProvider is missing.");
    }
}
 
Example #6
Source File: ContextCredentialsAutoConfiguration.java    From spring-cloud-aws with Apache License 2.0 5 votes vote down vote up
@Bean(name = CREDENTIALS_PROVIDER_BEAN_NAME)
@ConditionalOnMissingBean(name = CREDENTIALS_PROVIDER_BEAN_NAME)
public AWSCredentialsProvider awsCredentialsProvider(
		AwsCredentialsProperties properties) {

	List<AWSCredentialsProvider> providers = resolveCredentialsProviders(properties);

	if (providers.isEmpty()) {
		return new DefaultAWSCredentialsProviderChain();
	}
	else {
		return new AWSCredentialsProviderChain(providers);
	}
}
 
Example #7
Source File: AwsGlacier.java    From core with GNU General Public License v3.0 5 votes vote down vote up
/********************** Member Functions **************************/

	public AwsGlacier(String region) {
		// Get credentials from credentials file, environment variable, or 
		// Java property. 
		// See http://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/auth/DefaultAWSCredentialsProviderChain.html
		AWSCredentialsProviderChain credentialsProvider = 
				new DefaultAWSCredentialsProviderChain();
		credentials = credentialsProvider.getCredentials();
		logger.debug("Read in credentials AWSAccessKeyId={} AWSSecretKey={}...",
				credentials.getAWSAccessKeyId(), 
				credentials.getAWSSecretKey().substring(0, 4));
		
		// Create the glacier client and set to specified region.
		glacierClient = new AmazonGlacierClient(credentials);
		glacierClient.setEndpoint("https://glacier." + region + ".amazonaws.com");
		
		// Set up params needed for retrieving vault inventory
        sqsClient = new AmazonSQSClient(credentials);
        sqsClient.setEndpoint("https://sqs." + region + ".amazonaws.com");
        snsClient = new AmazonSNSClient(credentials);
        snsClient.setEndpoint("https://sns." + region + ".amazonaws.com");

        // Create the ArchiveTransferManager used for uploading and 
        // downloading files. Need to use ArchiveTransferManager constructor 
        // that allows one to specify sqsClient & snsClient so that they have
        // the proper region. If use ArchiveTransferManager without specifying
        // sqs and sns clients then default ones are constructed, but these
        // use the default Virginia region, which is wrong.
		atm = new ArchiveTransferManager(glacierClient, sqsClient, snsClient);
}
 
Example #8
Source File: DeployTask.java    From gradle-beanstalk-plugin with MIT License 5 votes vote down vote up
@TaskAction
protected void deploy() {
    String versionLabel = getVersionLabel();

    AWSCredentialsProviderChain credentialsProvider = new AWSCredentialsProviderChain(new EnvironmentVariableCredentialsProvider(), new SystemPropertiesCredentialsProvider(), new ProfileCredentialsProvider(beanstalk.getProfile()), new EC2ContainerCredentialsProviderWrapper());

    BeanstalkDeployer deployer = new BeanstalkDeployer(beanstalk.getS3Endpoint(), beanstalk.getBeanstalkEndpoint(), credentialsProvider);

    File warFile = getProject().files(war).getSingleFile();
    deployer.deploy(warFile, deployment.getApplication(), deployment.getEnvironment(), deployment.getTemplate(), versionLabel);
}
 
Example #9
Source File: KinesisConfig.java    From samza with Apache License 2.0 5 votes vote down vote up
/**
 * Get the appropriate CredentialProvider for a given system stream.
 * @param system name of the system
 * @param stream name of the stream
 * @return AWSCredentialsProvider
 */
AWSCredentialsProvider credentialsProviderForStream(String system, String stream) {
  // Try to load credentials in the following order:
  // 1. Access key from the config and passed in secretKey
  // 2. From the default credential provider chain (environment variables, system properties, AWS profile file, etc)
  return new AWSCredentialsProviderChain(
      new KinesisAWSCredentialsProvider(getStreamAccessKey(system, stream), getStreamSecretKey(system, stream)),
      new DefaultAWSCredentialsProviderChain());
}
 
Example #10
Source File: ExtPropertiesFileConfiguration.java    From fullstop with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a {@link PropertiesFileConfiguration} from values provided in a classpath properties file.
 *
 * @param prop               the classpath properties file to load.
 * @param credentialProvider credential provider.
 */
public ExtPropertiesFileConfiguration(final Properties prop, final AWSCredentialsProviderChain credentialProvider) {

    this.sqsUrl = prop.getProperty(SQS_URL);
    LibraryUtils.checkArgumentNotNull(this.sqsUrl, "Cannot find SQS URL in properties file.");

    final String accessKey = prop.getProperty(ACCESS_KEY);
    final String secretKey = prop.getProperty(SECRET_KEY);

    if (accessKey != null && secretKey != null) {
        this.awsCredentialsProvider = new SimplePropertiesCredentials(prop);
    }
    else {
        this.awsCredentialsProvider = credentialProvider;
    }

    this.s3Region = prop.getProperty(S3_REGION);
    this.visibilityTimeout = this.getIntProperty(prop, VISIBILITY_TIMEOUT);

    this.sqsRegion = prop.getProperty(SQS_REGION);

    this.threadCount = this.getIntProperty(prop, THREAD_COUNT);
    this.threadTerminationDelaySeconds = this.getIntProperty(prop, THREAD_TERMINATION_DELAY_SECONDS);

    this.maxEventsPerEmit = this.getIntProperty(prop, MAX_EVENTS_PER_EMIT);
    this.enableRawEventInfo = this.getBooleanProperty(prop, ENABLE_RAW_EVENT_INFO);
}
 
Example #11
Source File: AWSCredentialsProviderPropertyValueDecoderTest.java    From amazon-kinesis-client with Apache License 2.0 4 votes vote down vote up
public AWSCredentialsMatcher(String akid, String secret) {
    this.akidMatcher = equalTo(akid);
    this.secretMatcher = equalTo(secret);
    this.classMatcher = instanceOf(AWSCredentialsProviderChain.class);
}
 
Example #12
Source File: S3DaoTest.java    From herd with Apache License 2.0 4 votes vote down vote up
@Test
public void testGetAWSCredentialsProviderAssertStaticCredentialsSet()
{
    S3Operations originalS3Operations = (S3Operations) ReflectionTestUtils.getField(s3Dao, "s3Operations");
    S3Operations mockS3Operations = mock(S3Operations.class);
    ReflectionTestUtils.setField(s3Dao, "s3Operations", mockS3Operations);

    try
    {
        String s3BucketName = "s3BucketName";
        String s3KeyPrefix = "s3KeyPrefix";
        String s3AccessKey = "s3AccessKey";
        String s3SecretKey = "s3SecretKey";

        S3FileTransferRequestParamsDto s3FileTransferRequestParamsDto = new S3FileTransferRequestParamsDto();
        s3FileTransferRequestParamsDto.setS3BucketName(s3BucketName);
        s3FileTransferRequestParamsDto.setS3KeyPrefix(s3KeyPrefix);
        s3FileTransferRequestParamsDto.setAwsAccessKeyId(s3AccessKey);
        s3FileTransferRequestParamsDto.setAwsSecretKey(s3SecretKey);

        when(mockS3Operations.putObject(any(), any())).then(new Answer<PutObjectResult>()
        {
            @SuppressWarnings("unchecked")
            @Override
            public PutObjectResult answer(InvocationOnMock invocation) throws Throwable
            {
                AmazonS3Client amazonS3Client = invocation.getArgument(1);
                AWSCredentialsProviderChain awsCredentialsProviderChain =
                    (AWSCredentialsProviderChain) ReflectionTestUtils.getField(amazonS3Client, "awsCredentialsProvider");
                List<AWSCredentialsProvider> credentialsProviders =
                    (List<AWSCredentialsProvider>) ReflectionTestUtils.getField(awsCredentialsProviderChain, "credentialsProviders");
                // Expect 2 providers: the static provider, and the default provider
                assertEquals(2, credentialsProviders.size());

                // Only verify the static value
                assertEquals(StaticCredentialsProvider.class, credentialsProviders.get(0).getClass());
                StaticCredentialsProvider staticCredentialsProvider = (StaticCredentialsProvider) credentialsProviders.get(0);
                assertEquals(s3AccessKey, staticCredentialsProvider.getCredentials().getAWSAccessKeyId());
                assertEquals(s3SecretKey, staticCredentialsProvider.getCredentials().getAWSSecretKey());
                return new PutObjectResult();
            }
        });

        s3Dao.createDirectory(s3FileTransferRequestParamsDto);
    }
    finally
    {
        ReflectionTestUtils.setField(s3Dao, "s3Operations", originalS3Operations);
    }
}
 
Example #13
Source File: S3DaoTest.java    From herd with Apache License 2.0 4 votes vote down vote up
@Test
public void testGetAWSCredentialsProviderAssertStaticCredentialsIsNotSetWhenSecretKeyIsNull()
{
    S3Operations originalS3Operations = (S3Operations) ReflectionTestUtils.getField(s3Dao, "s3Operations");
    S3Operations mockS3Operations = mock(S3Operations.class);
    ReflectionTestUtils.setField(s3Dao, "s3Operations", mockS3Operations);

    try
    {
        String s3BucketName = "s3BucketName";
        String s3KeyPrefix = "s3KeyPrefix";
        String s3AccessKey = "s3AccessKey";
        String s3SecretKey = null;

        S3FileTransferRequestParamsDto s3FileTransferRequestParamsDto = new S3FileTransferRequestParamsDto();
        s3FileTransferRequestParamsDto.setS3BucketName(s3BucketName);
        s3FileTransferRequestParamsDto.setS3KeyPrefix(s3KeyPrefix);
        s3FileTransferRequestParamsDto.setAwsAccessKeyId(s3AccessKey);
        s3FileTransferRequestParamsDto.setAwsSecretKey(s3SecretKey);

        when(mockS3Operations.putObject(any(), any())).then(new Answer<PutObjectResult>()
        {
            @SuppressWarnings("unchecked")
            @Override
            public PutObjectResult answer(InvocationOnMock invocation) throws Throwable
            {
                AmazonS3Client amazonS3Client = invocation.getArgument(1);
                AWSCredentialsProviderChain awsCredentialsProviderChain =
                    (AWSCredentialsProviderChain) ReflectionTestUtils.getField(amazonS3Client, "awsCredentialsProvider");
                List<AWSCredentialsProvider> credentialsProviders =
                    (List<AWSCredentialsProvider>) ReflectionTestUtils.getField(awsCredentialsProviderChain, "credentialsProviders");
                assertEquals(1, credentialsProviders.size());
                assertEquals(DefaultAWSCredentialsProviderChain.class, credentialsProviders.get(0).getClass());
                return new PutObjectResult();
            }
        });

        s3Dao.createDirectory(s3FileTransferRequestParamsDto);
    }
    finally
    {
        ReflectionTestUtils.setField(s3Dao, "s3Operations", originalS3Operations);
    }
}
 
Example #14
Source File: S3DaoTest.java    From herd with Apache License 2.0 4 votes vote down vote up
@Test
public void testGetAWSCredentialsProviderAssertStaticCredentialsIsNotSetWhenAccessKeyIsNull()
{
    S3Operations originalS3Operations = (S3Operations) ReflectionTestUtils.getField(s3Dao, "s3Operations");
    S3Operations mockS3Operations = mock(S3Operations.class);
    ReflectionTestUtils.setField(s3Dao, "s3Operations", mockS3Operations);

    try
    {
        String s3BucketName = "s3BucketName";
        String s3KeyPrefix = "s3KeyPrefix";
        String s3AccessKey = null;
        String s3SecretKey = "s3SecretKey";

        S3FileTransferRequestParamsDto s3FileTransferRequestParamsDto = new S3FileTransferRequestParamsDto();
        s3FileTransferRequestParamsDto.setS3BucketName(s3BucketName);
        s3FileTransferRequestParamsDto.setS3KeyPrefix(s3KeyPrefix);
        s3FileTransferRequestParamsDto.setAwsAccessKeyId(s3AccessKey);
        s3FileTransferRequestParamsDto.setAwsSecretKey(s3SecretKey);

        when(mockS3Operations.putObject(any(), any())).then(new Answer<PutObjectResult>()
        {
            @SuppressWarnings("unchecked")
            @Override
            public PutObjectResult answer(InvocationOnMock invocation) throws Throwable
            {
                AmazonS3Client amazonS3Client = invocation.getArgument(1);
                AWSCredentialsProviderChain awsCredentialsProviderChain =
                    (AWSCredentialsProviderChain) ReflectionTestUtils.getField(amazonS3Client, "awsCredentialsProvider");
                List<AWSCredentialsProvider> credentialsProviders =
                    (List<AWSCredentialsProvider>) ReflectionTestUtils.getField(awsCredentialsProviderChain, "credentialsProviders");
                assertEquals(1, credentialsProviders.size());
                assertEquals(DefaultAWSCredentialsProviderChain.class, credentialsProviders.get(0).getClass());
                return new PutObjectResult();
            }
        });

        s3Dao.createDirectory(s3FileTransferRequestParamsDto);
    }
    finally
    {
        ReflectionTestUtils.setField(s3Dao, "s3Operations", originalS3Operations);
    }
}
 
Example #15
Source File: S3DaoTest.java    From herd with Apache License 2.0 4 votes vote down vote up
/**
 * A case where additional credentials provider is given in the request params. The credentials returned should be an AWS session credential where the
 * values are from the provided custom credentials provider.
 */
@Test
public void testGetAWSCredentialsProviderAssertAdditionalProviderIsSet() throws Exception
{
    S3Operations originalS3Operations = (S3Operations) ReflectionTestUtils.getField(s3Dao, "s3Operations");
    S3Operations mockS3Operations = mock(S3Operations.class);
    ReflectionTestUtils.setField(s3Dao, "s3Operations", mockS3Operations);

    try
    {
        String s3BucketName = "s3BucketName";
        String s3KeyPrefix = "s3KeyPrefix";
        String awsAccessKey = "awsAccessKey";
        String awsSecretKey = "awsSecretKey";
        String awsSessionToken = "awsSessionToken";

        S3FileTransferRequestParamsDto s3FileTransferRequestParamsDto = new S3FileTransferRequestParamsDto();
        s3FileTransferRequestParamsDto.setS3BucketName(s3BucketName);
        s3FileTransferRequestParamsDto.setS3KeyPrefix(s3KeyPrefix);
        s3FileTransferRequestParamsDto.setAdditionalAwsCredentialsProviders(Arrays.asList(new HerdAWSCredentialsProvider()
        {
            @Override
            public AwsCredential getAwsCredential()
            {
                return new AwsCredential(awsAccessKey, awsSecretKey, awsSessionToken, null);
            }
        }));

        when(mockS3Operations.putObject(any(), any())).then(new Answer<PutObjectResult>()
        {
            @SuppressWarnings("unchecked")
            @Override
            public PutObjectResult answer(InvocationOnMock invocation) throws Throwable
            {
                AmazonS3Client amazonS3Client = invocation.getArgument(1);
                AWSCredentialsProviderChain awsCredentialsProviderChain =
                    (AWSCredentialsProviderChain) ReflectionTestUtils.getField(amazonS3Client, "awsCredentialsProvider");
                List<AWSCredentialsProvider> credentialsProviders =
                    (List<AWSCredentialsProvider>) ReflectionTestUtils.getField(awsCredentialsProviderChain, "credentialsProviders");
                assertEquals(2, credentialsProviders.size());

                // refresh() does nothing, but gives code coverage
                credentialsProviders.get(0).refresh();

                /*
                 * We can't inspect the field directly since the class definition is private.
                 * Instead we call the getCredentials() and verify that it returns the credentials staged as part of this test.
                 */
                AWSCredentials credentials = awsCredentialsProviderChain.getCredentials();
                assertEquals(BasicSessionCredentials.class, credentials.getClass());

                BasicSessionCredentials basicSessionCredentials = (BasicSessionCredentials) credentials;

                assertEquals(awsAccessKey, basicSessionCredentials.getAWSAccessKeyId());
                assertEquals(awsSecretKey, basicSessionCredentials.getAWSSecretKey());
                assertEquals(awsSessionToken, basicSessionCredentials.getSessionToken());

                return new PutObjectResult();
            }
        });

        s3Dao.createDirectory(s3FileTransferRequestParamsDto);
    }
    finally
    {
        ReflectionTestUtils.setField(s3Dao, "s3Operations", originalS3Operations);
    }
}
 
Example #16
Source File: AWSTools.java    From lambadaframework with MIT License 4 votes vote down vote up
protected static AWSCredentialsProviderChain getAWSCredentialsProvideChain() {
    return new DefaultAWSCredentialsProviderChain();
}
 
Example #17
Source File: SnsConfiguration.java    From circus-train with Apache License 2.0 4 votes vote down vote up
@Bean
AWSCredentialsProvider awsCredentialsProvider(
    @Qualifier("replicaHiveConf") org.apache.hadoop.conf.Configuration conf) {
  return new AWSCredentialsProviderChain(new BasicAuth(conf), InstanceProfileCredentialsProvider.getInstance());
}