com.amazonaws.auth.AWSSessionCredentials Java Examples
The following examples show how to use
com.amazonaws.auth.AWSSessionCredentials.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: AWSCodePipelineJobCredentialsProvider.java From aws-codepipeline-plugin-for-jenkins with Apache License 2.0 | 6 votes |
|
@Override
public synchronized void refresh() {
final GetJobDetailsRequest getJobDetailsRequest = new GetJobDetailsRequest().withJobId(jobId);
final GetJobDetailsResult getJobDetailsResult = codePipelineClient.getJobDetails(getJobDetailsRequest);
final com.amazonaws.services.codepipeline.model.AWSSessionCredentials credentials
= getJobDetailsResult.getJobDetails().getData().getArtifactCredentials();
this.lastRefreshedInstant = Instant.now();
this.credentials = new BasicSessionCredentials(
credentials.getAccessKeyId(),
credentials.getSecretAccessKey(),
credentials.getSessionToken());
}
Example #2
| Source File: V2CredentialWrapper.java From amazon-kinesis-client with Apache License 2.0 | 6 votes |
|
@Override
public AwsCredentials resolveCredentials() {
AWSCredentials current = oldCredentialsProvider.getCredentials();
if (current instanceof AWSSessionCredentials) {
return AwsSessionCredentials.create(current.getAWSAccessKeyId(), current.getAWSSecretKey(), ((AWSSessionCredentials) current).getSessionToken());
}
return new AwsCredentials() {
@Override
public String accessKeyId() {
return current.getAWSAccessKeyId();
}
@Override
public String secretAccessKey() {
return current.getAWSSecretKey();
}
};
}
Example #3
| Source File: RedshiftUnloadOperatorFactoryTest.java From digdag with Apache License 2.0 | 6 votes |
|
private String getUnloadConfig(Map<String, Object> configInput, String queryId, boolean maskConfig)
throws IOException
{
TaskRequest taskRequest = testHelper.createTaskRequest(configInput, Optional.absent());
OperatorContext operatorContext = mock(OperatorContext.class);
when(operatorContext.getProjectPath()).thenReturn(testHelper.projectPath());
when(operatorContext.getTaskRequest()).thenReturn(taskRequest);
RedshiftUnloadOperatorFactory.RedshiftUnloadOperator operator = (RedshiftUnloadOperatorFactory.RedshiftUnloadOperator) operatorFactory.newOperator(operatorContext);
assertThat(operator, is(instanceOf(RedshiftUnloadOperatorFactory.RedshiftUnloadOperator.class)));
AWSSessionCredentials credentials = mock(AWSSessionCredentials.class);
when(credentials.getAWSAccessKeyId()).thenReturn("my-access-key-id");
when(credentials.getAWSSecretKey()).thenReturn("my-secret-access-key");
RedshiftConnection.UnloadConfig unloadConfig = operator.createUnloadConfig(testHelper.createConfig(configInput), credentials, queryId);
Connection connection = mock(Connection.class);
RedshiftConnection redshiftConnection = new RedshiftConnection(connection);
return redshiftConnection.buildUnloadStatement(unloadConfig, maskConfig);
}
Example #4
| Source File: RedshiftLoadOperatorFactoryTest.java From digdag with Apache License 2.0 | 6 votes |
|
private String getCopyConfig(Map<String, Object> configInput, boolean maskConfig)
throws IOException
{
TaskRequest taskRequest = testHelper.createTaskRequest(configInput, Optional.absent());
OperatorContext operatorContext = mock(OperatorContext.class);
when(operatorContext.getProjectPath()).thenReturn(testHelper.projectPath());
when(operatorContext.getTaskRequest()).thenReturn(taskRequest);
RedshiftLoadOperatorFactory.RedshiftLoadOperator operator = (RedshiftLoadOperatorFactory.RedshiftLoadOperator) operatorFactory.newOperator(operatorContext);
assertThat(operator, is(instanceOf(RedshiftLoadOperatorFactory.RedshiftLoadOperator.class)));
AWSSessionCredentials credentials = mock(AWSSessionCredentials.class);
when(credentials.getAWSAccessKeyId()).thenReturn("my-access-key-id");
when(credentials.getAWSSecretKey()).thenReturn("my-secret-access-key");
RedshiftConnection.CopyConfig copyConfig = operator.createCopyConfig(testHelper.createConfig(configInput), credentials);
Connection connection = mock(Connection.class);
RedshiftConnection redshiftConnection = new RedshiftConnection(connection);
return redshiftConnection.buildCopyStatement(copyConfig, maskConfig);
}
Example #5
| Source File: SessionCredentialsProviderFactory.java From aws-glue-data-catalog-client-for-apache-hive-metastore with Apache License 2.0 | 6 votes |
|
@Override
public AWSCredentialsProvider buildAWSCredentialsProvider(HiveConf hiveConf) {
checkArgument(hiveConf != null, "hiveConf cannot be null.");
String accessKey = hiveConf.get(AWS_ACCESS_KEY_CONF_VAR);
String secretKey = hiveConf.get(AWS_SECRET_KEY_CONF_VAR);
String sessionToken = hiveConf.get(AWS_SESSION_TOKEN_CONF_VAR);
checkArgument(accessKey != null, AWS_ACCESS_KEY_CONF_VAR + " must be set.");
checkArgument(secretKey != null, AWS_SECRET_KEY_CONF_VAR + " must be set.");
checkArgument(sessionToken != null, AWS_SESSION_TOKEN_CONF_VAR + " must be set.");
AWSSessionCredentials credentials = new BasicSessionCredentials(accessKey, secretKey, sessionToken);
return new StaticCredentialsProvider(credentials);
}
Example #6
| Source File: AwsCredentialProviderPlugin.java From pulsar with Apache License 2.0 | 6 votes |
|
/**
* Returns a V2 credential provider for use with the v2 SDK.
*
* Defaults to an implementation that pulls credentials from a v1 provider
*/
default software.amazon.awssdk.auth.credentials.AwsCredentialsProvider getV2CredentialsProvider() {
// make a small wrapper to forward requests to v1, this allows
// for this interface to not "break" for implementers
AWSCredentialsProvider v1Provider = getCredentialProvider();
return () -> {
AWSCredentials creds = v1Provider.getCredentials();
if (creds instanceof AWSSessionCredentials) {
return software.amazon.awssdk.auth.credentials.AwsSessionCredentials.create(
creds.getAWSAccessKeyId(),
creds.getAWSSecretKey(),
((AWSSessionCredentials) creds).getSessionToken());
} else {
return software.amazon.awssdk.auth.credentials.AwsBasicCredentials.create(
creds.getAWSAccessKeyId(),
creds.getAWSSecretKey());
}
};
}
Example #7
| Source File: STSCredentialsConfigurator.java From cyberduck with GNU General Public License v3.0 | 6 votes |
|
protected AWSSecurityTokenService getTokenService(final Host host, final String region, final String accessKey, final String secretKey, final String sessionToken) {
final ClientConfiguration configuration = new CustomClientConfiguration(host,
new ThreadLocalHostnameDelegatingTrustManager(trust, host.getHostname()), key);
return AWSSecurityTokenServiceClientBuilder.standard()
.withCredentials(new AWSStaticCredentialsProvider(StringUtils.isBlank(sessionToken) ? new AWSCredentials() {
@Override
public String getAWSAccessKeyId() {
return accessKey;
}
@Override
public String getAWSSecretKey() {
return secretKey;
}
} : new AWSSessionCredentials() {
@Override
public String getAWSAccessKeyId() {
return accessKey;
}
@Override
public String getAWSSecretKey() {
return secretKey;
}
@Override
public String getSessionToken() {
return sessionToken;
}
}))
.withClientConfiguration(configuration)
.withRegion(StringUtils.isNotBlank(region) ? Regions.fromName(region) : Regions.DEFAULT_REGION).build();
}
Example #8
| Source File: ZipkinElasticsearchAwsStorageModule.java From zipkin-aws with Apache License 2.0 | 6 votes |
|
/** By default, get credentials from the {@link DefaultAWSCredentialsProviderChain} */
@Bean @ConditionalOnMissingBean
AWSCredentials.Provider credentials() {
return new AWSCredentials.Provider() {
final AWSCredentialsProvider delegate = new DefaultAWSCredentialsProviderChain();
@Override public AWSCredentials get() {
com.amazonaws.auth.AWSCredentials result = delegate.getCredentials();
String sessionToken =
result instanceof AWSSessionCredentials
? ((AWSSessionCredentials) result).getSessionToken()
: null;
return new AWSCredentials(
result.getAWSAccessKeyId(), result.getAWSSecretKey(), sessionToken);
}
};
}
Example #9
| Source File: AWSCredentialsConfigurator.java From cyberduck with GNU General Public License v3.0 | 6 votes |
|
@Override
public Credentials configure(final Host host) {
final Credentials credentials = new Credentials(host.getCredentials());
if(!credentials.validate(host.getProtocol(), new LoginOptions(host.getProtocol()).password(false))) {
// Lookup from default profile if no access key is set in bookmark
for(AWSCredentialsProvider provider : providers) {
try {
final AWSCredentials c = provider.getCredentials();
credentials.setUsername(c.getAWSAccessKeyId());
credentials.setPassword(c.getAWSSecretKey());
if(c instanceof AWSSessionCredentials) {
credentials.setToken(((AWSSessionCredentials) c).getSessionToken());
}
break;
}
catch(SdkClientException e) {
log.debug(String.format("Ignore failure loading credentials from provider %s", provider));
// Continue searching with next provider
}
}
}
return credentials;
}
Example #10
| Source File: DynamoDBClientTest.java From emr-dynamodb-connector with Apache License 2.0 | 6 votes |
|
@Test
public void testBasicSessionCredentials(){
final String DYNAMODB_ACCESS_KEY = "abc";
final String DYNAMODB_SECRET_KEY = "xyz";
final String DYNAMODB_SESSION_KEY = "007";
Configuration conf = new Configuration();
conf.set(DynamoDBConstants.DYNAMODB_ACCESS_KEY_CONF, DYNAMODB_ACCESS_KEY);
conf.set(DynamoDBConstants.DYNAMODB_SECRET_KEY_CONF, DYNAMODB_SECRET_KEY);
conf.set(DynamoDBConstants.DYNAMODB_SESSION_TOKEN_CONF, DYNAMODB_SESSION_KEY);
DynamoDBClient dynamoDBClient = new DynamoDBClient();
AWSCredentialsProvider provider = dynamoDBClient.getAWSCredentialsProvider(conf);
AWSSessionCredentials sessionCredentials = (AWSSessionCredentials) provider.getCredentials();
Assert.assertEquals(DYNAMODB_ACCESS_KEY, sessionCredentials.getAWSAccessKeyId());
Assert.assertEquals(DYNAMODB_SECRET_KEY, sessionCredentials.getAWSSecretKey());
Assert.assertEquals(DYNAMODB_SESSION_KEY, sessionCredentials.getSessionToken());
}
Example #11
| Source File: BaseRedshiftLoadOperator.java From digdag with Apache License 2.0 | 5 votes |
|
@Override
protected TaskResult run(Config params, Config state, RedshiftConnectionConfig connectionConfig)
{
UUID queryId;
// generate query id
if (!state.has(QUERY_ID)) {
// this is the first execution of this task
logger.debug("Generating query id for a new {} task", type());
queryId = UUID.randomUUID();
state.set(QUERY_ID, queryId);
throw TaskExecutionException.ofNextPolling(0, ConfigElement.copyOf(state));
}
queryId = state.get(QUERY_ID, UUID.class);
BasicAWSCredentials baseCredentials = createBaseCredential(context.getSecrets());
AWSSessionCredentials sessionCredentials = createSessionCredentials(params, context.getSecrets(), baseCredentials);
T statementConfig = createStatementConfig(params, sessionCredentials, queryId.toString());
beforeConnect(baseCredentials, statementConfig);
pollingRetryExecutor(TaskState.of(state), "load")
.retryIf(LockConflictException.class, x -> true)
.withErrorMessage("Redshift Load/Unload operation failed")
.runAction(s -> executeTask(params, connectionConfig, statementConfig, queryId));
return TaskResult.defaultBuilder(request).build();
}
Example #12
| Source File: TestPrestoS3FileSystem.java From presto with Apache License 2.0 | 5 votes |
|
@Test
public void testEmbeddedCredentials()
throws Exception
{
Configuration config = new Configuration(false);
try (PrestoS3FileSystem fs = new PrestoS3FileSystem()) {
AWSCredentials credentials = getStaticCredentials(config, fs, "s3n://testAccess:testSecret@test-bucket/");
assertEquals(credentials.getAWSAccessKeyId(), "testAccess");
assertEquals(credentials.getAWSSecretKey(), "testSecret");
assertThat(credentials).isNotInstanceOf(AWSSessionCredentials.class);
}
}
Example #13
| Source File: Profile.java From bazel with Apache License 2.0 | 5 votes |
|
public Profile(String profileName, AWSCredentials awsCredentials) {
Map<String, String> properties = new LinkedHashMap<String, String>();
properties.put(ProfileKeyConstants.AWS_ACCESS_KEY_ID, awsCredentials.getAWSAccessKeyId());
properties.put(ProfileKeyConstants.AWS_SECRET_ACCESS_KEY, awsCredentials.getAWSSecretKey());
if (awsCredentials instanceof AWSSessionCredentials) {
AWSSessionCredentials sessionCred = (AWSSessionCredentials)awsCredentials;
properties.put(ProfileKeyConstants.AWS_SESSION_TOKEN, sessionCred.getSessionToken());
}
this.profileName = profileName;
this.properties = properties;
this.awsCredentials = new StaticCredentialsProvider(awsCredentials);
}
Example #14
| Source File: RedshiftUnloadOperatorFactory.java From digdag with Apache License 2.0 | 5 votes |
|
@VisibleForTesting
RedshiftConnection.UnloadConfig createUnloadConfig(Config config, AWSSessionCredentials sessionCredentials, String queryId)
{
RedshiftConnection.UnloadConfig uc = new RedshiftConnection.UnloadConfig();
uc.configure(
unloadConfig -> {
unloadConfig.accessKeyId = sessionCredentials.getAWSAccessKeyId();
unloadConfig.secretAccessKey = sessionCredentials.getAWSSecretKey();
if (sessionCredentials.getSessionToken() != null) {
unloadConfig.sessionToken = Optional.of(sessionCredentials.getSessionToken());
}
unloadConfig.query = config.get("query", String.class);
unloadConfig.to = config.get("to", String.class);
unloadConfig.manifest = config.getOptional("manifest", Boolean.class);
unloadConfig.encrypted = config.getOptional("encrypted", Boolean.class);
unloadConfig.allowoverwrite = config.getOptional("allowoverwrite", Boolean.class);
unloadConfig.delimiter = config.getOptional("delimiter", String.class);
unloadConfig.fixedwidth = config.getOptional("fixedwidth", String.class);
unloadConfig.gzip = config.getOptional("gzip", Boolean.class);
unloadConfig.bzip2 = config.getOptional("bzip2", Boolean.class);
unloadConfig.nullAs = config.getOptional("null_as", String.class);
unloadConfig.escape = config.getOptional("escape", Boolean.class);
unloadConfig.addquotes = config.getOptional("addquotes", Boolean.class);
unloadConfig.parallel = config.getOptional("parallel", String.class);
unloadConfig.setupWithPrefixDir(queryId);
}
);
return uc;
}
Example #15
| Source File: BaseRedshiftLoadOperator.java From digdag with Apache License 2.0 | 5 votes |
|
private AWSSessionCredentials createSessionCredentials(Config config, SecretProvider secrets, BasicAWSCredentials baseCredential)
{
List<AcceptableUri> acceptableUris = buildAcceptableUriForSessionCredentials(config, baseCredential);
if (!config.get("temp_credentials", Boolean.class, true)) {
return new BasicSessionCredentials(
baseCredential.getAWSAccessKeyId(),
baseCredential.getAWSSecretKey(),
null
);
}
AWSSessionCredentialsFactory sessionCredentialsFactory =
new AWSSessionCredentialsFactory(baseCredential, acceptableUris);
Optional<String> roleArn = getSecretOptionalValue(secrets, "role_arn");
if (roleArn.isPresent()) {
sessionCredentialsFactory.withRoleArn(roleArn.get());
Optional<String> roleSessionName = secrets.getSecretOptional("role_session_name");
if (roleSessionName.isPresent()) {
sessionCredentialsFactory.withRoleSessionName(roleSessionName.get());
}
}
Optional<Integer> durationSeconds = config.getOptional("session_duration", Integer.class);
if (durationSeconds.isPresent()) {
sessionCredentialsFactory.withDurationSeconds(durationSeconds.get());
}
return sessionCredentialsFactory.get();
}
Example #16
| Source File: AWSCredentialsConfigurator.java From cyberduck with GNU General Public License v3.0 | 5 votes |
|
public static AWSCredentialsProvider toAWSCredentialsProvider(final Credentials credentials) {
return credentials.isTokenAuthentication() ?
new AWSSessionCredentialsProvider() {
@Override
public AWSSessionCredentials getCredentials() {
return new AWSSessionCredentials() {
@Override
public String getSessionToken() {
return credentials.getToken();
}
@Override
public String getAWSAccessKeyId() {
return credentials.getUsername();
}
@Override
public String getAWSSecretKey() {
return credentials.getPassword();
}
};
}
@Override
public void refresh() {
// Not supported
}
} :
new AWSStaticCredentialsProvider(new AWSCredentials() {
@Override
public String getAWSAccessKeyId() {
return credentials.getUsername();
}
@Override
public String getAWSSecretKey() {
return credentials.getPassword();
}
});
}
Example #17
| Source File: AWSCodePipelineJobCredentialsProvider.java From aws-codepipeline-plugin-for-jenkins with Apache License 2.0 | 5 votes |
|
@Override
public AWSSessionCredentials getCredentials() {
if (this.credentials == null || this.lastRefreshedInstant.isBefore(Instant.now().minus(CREDENTIALS_DURATION))) {
refresh();
}
return this.credentials;
}
Example #18
| Source File: BlobStoreManagedLedgerOffloaderTest.java From pulsar with Apache License 2.0 | 5 votes |
|
@Test
public void testSessionCredentialSupplier() throws Exception {
PowerMockito.mockStatic(CredentialsUtil.class);
PowerMockito.when(CredentialsUtil.getAWSCredentialProvider(any())).thenReturn(new AWSCredentialsProvider() {
@Override
public AWSCredentials getCredentials() {
return new AWSSessionCredentials() {
@Override
public String getSessionToken() {
return "token";
}
@Override
public String getAWSAccessKeyId() {
return "access";
}
@Override
public String getAWSSecretKey() {
return "secret";
}
};
}
@Override
public void refresh() {
}
});
Supplier<Credentials> creds = BlobStoreManagedLedgerOffloader.getCredentials("aws-s3", any());
Assert.assertTrue(creds.get() instanceof SessionCredentials);
SessionCredentials sessCreds = (SessionCredentials) creds.get();
Assert.assertEquals(sessCreds.getAccessKeyId(), "access");
Assert.assertEquals(sessCreds.getSecretAccessKey(), "secret");
Assert.assertEquals(sessCreds.getSessionToken(), "token");
}
Example #19
| Source File: BlobStoreManagedLedgerOffloaderTest.java From pulsar with Apache License 2.0 | 5 votes |
|
@Test
public void testS3DriverConfiguredWell() throws Exception {
PowerMockito.mockStatic(CredentialsUtil.class);
PowerMockito.when(CredentialsUtil.getAWSCredentialProvider(any())).thenReturn(new AWSCredentialsProvider() {
@Override
public AWSCredentials getCredentials() {
return new AWSSessionCredentials() {
@Override
public String getSessionToken() {
return "token";
}
@Override
public String getAWSAccessKeyId() {
return "access";
}
@Override
public String getAWSSecretKey() {
return "secret";
}
};
}
@Override
public void refresh() {
}
});
OffloadPolicies conf = new OffloadPolicies();
conf.setManagedLedgerOffloadDriver("s3");
conf.setS3ManagedLedgerOffloadBucket(BUCKET);
conf.setS3ManagedLedgerOffloadServiceEndpoint("http://fake.s3.end.point");
// should success and no exception thrown.
BlobStoreManagedLedgerOffloader.create(conf, scheduler);
}
Example #20
| Source File: RedshiftUnloadOperatorFactory.java From digdag with Apache License 2.0 | 4 votes |
|
@Override
protected RedshiftConnection.UnloadConfig createStatementConfig(Config params, AWSSessionCredentials sessionCredentials, String queryId)
{
return createUnloadConfig(params, sessionCredentials, queryId);
}
Example #21
| Source File: RedshiftLoadOperatorFactory.java From digdag with Apache License 2.0 | 4 votes |
|
@VisibleForTesting
RedshiftConnection.CopyConfig createCopyConfig(Config config, AWSSessionCredentials sessionCredentials)
{
RedshiftConnection.CopyConfig cc = new RedshiftConnection.CopyConfig();
cc.configure(
copyConfig -> {
copyConfig.accessKeyId = sessionCredentials.getAWSAccessKeyId();
copyConfig.secretAccessKey = sessionCredentials.getAWSSecretKey();
if (sessionCredentials.getSessionToken() != null) {
copyConfig.sessionToken = Optional.of(sessionCredentials.getSessionToken());
}
copyConfig.table = config.get("table", String.class);
copyConfig.columnList = config.getOptional("column_list", String.class);
copyConfig.from = config.get("from", String.class);
copyConfig.readratio = config.getOptional("readratio", Integer.class);
copyConfig.manifest = config.getOptional("manifest", Boolean.class);
copyConfig.encrypted = config.getOptional("encrypted", Boolean.class);
copyConfig.region = config.getOptional("region", String.class);
copyConfig.csv = config.getOptional("csv", String.class);
copyConfig.delimiter = config.getOptional("delimiter", String.class);
copyConfig.fixedwidth = config.getOptional("fixedwidth", String.class);
copyConfig.json = config.getOptional("json", String.class);
copyConfig.avro = config.getOptional("avro", String.class);
copyConfig.gzip = config.getOptional("gzip", Boolean.class);
copyConfig.bzip2 = config.getOptional("bzip2", Boolean.class);
copyConfig.lzop = config.getOptional("lzop", Boolean.class);
copyConfig.acceptanydate = config.getOptional("acceptanydate", Boolean.class);
copyConfig.acceptinvchars = config.getOptional("acceptinvchars", String.class);
copyConfig.blanksasnull = config.getOptional("blanksasnull", Boolean.class);
copyConfig.dateformat = config.getOptional("dateformat", String.class);
copyConfig.emptyasnull = config.getOptional("emptyasnull", Boolean.class);
copyConfig.encoding = config.getOptional("encoding", String.class);
copyConfig.escape = config.getOptional("escape", Boolean.class);
copyConfig.explicitIds = config.getOptional("explicit_ids", Boolean.class);
copyConfig.fillrecord = config.getOptional("fillrecord", Boolean.class);
copyConfig.ignoreblanklines = config.getOptional("ignoreblanklines", Boolean.class);
copyConfig.ignoreheader = config.getOptional("ignoreheader", Integer.class);
copyConfig.nullAs = config.getOptional("null_as", String.class);
copyConfig.removequotes = config.getOptional("removequotes", Boolean.class);
copyConfig.roundec = config.getOptional("roundec", Boolean.class);
copyConfig.timeformat = config.getOptional("timeformat", String.class);
copyConfig.trimblanks = config.getOptional("trimblanks", Boolean.class);
copyConfig.truncatecolumns = config.getOptional("truncatecolumns", Boolean.class);
copyConfig.comprows = config.getOptional("comprows", Integer.class);
copyConfig.compupdate = config.getOptional("compupdate", String.class);
copyConfig.maxerror = config.getOptional("maxerror", Integer.class);
copyConfig.noload = config.getOptional("noload", Boolean.class);
copyConfig.statupdate = config.getOptional("statupdate", String.class);
}
);
return cc;
}
Example #22
| Source File: RedshiftLoadOperatorFactory.java From digdag with Apache License 2.0 | 4 votes |
|
@Override
protected RedshiftConnection.CopyConfig createStatementConfig(Config params, AWSSessionCredentials sessionCredentials, String queryId)
{
return createCopyConfig(params, sessionCredentials);
}
Example #23
| Source File: AWSSigner.java From aws-signing-request-interceptor with MIT License | 4 votes |
|
public Map<String, Object> getSignedHeaders(String uri,
String method,
Multimap<String, String> queryParams,
Map<String, Object> headers,
Optional<byte[]> payload) {
final LocalDateTime now = clock.get();
final AWSCredentials credentials = credentialsProvider.getCredentials();
final Map<String, Object> result = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
result.putAll(headers);
final Optional<String> possibleHost = Optional.fromNullable(result.get(HOST))
.transform(Object::toString);
final int indexOfPortSymbol = possibleHost.transform(host -> host.indexOf(':')).or(-1);
if (indexOfPortSymbol > -1) {
result.put(HOST, possibleHost.get().substring(0, indexOfPortSymbol));
}
if (!result.containsKey(DATE)) {
result.put(X_AMZ_DATE, now.format(BASIC_TIME_FORMAT));
}
if (AWSSessionCredentials.class.isAssignableFrom(credentials.getClass())) {
result.put(SESSION_TOKEN, ((AWSSessionCredentials) credentials).getSessionToken());
}
final StringBuilder headersString = new StringBuilder();
final ImmutableList.Builder<String> signedHeaders = ImmutableList.builder();
for (Map.Entry<String, Object> entry : result.entrySet()) {
final Optional<String> headerAsString = headerAsString(entry, method);
if (headerAsString.isPresent()) {
headersString.append(headerAsString.get()).append(RETURN);
signedHeaders.add(entry.getKey().toLowerCase());
}
}
final String signedHeaderKeys = JOINER.join(signedHeaders.build());
final String canonicalRequest = method + RETURN +
SdkHttpUtils.urlEncode(uri, true) + RETURN +
queryParamsString(queryParams) + RETURN +
headersString.toString() + RETURN +
signedHeaderKeys + RETURN +
toBase16(hash(payload.or(EMPTY.getBytes(Charsets.UTF_8))));
final String stringToSign = createStringToSign(canonicalRequest, now);
final String signature = sign(stringToSign, now, credentials);
final String autorizationHeader = AWS4_HMAC_SHA256_CREDENTIAL + credentials.getAWSAccessKeyId() + SLASH + getCredentialScope(now) +
SIGNED_HEADERS + signedHeaderKeys +
SIGNATURE + signature;
result.put(AUTHORIZATION, autorizationHeader);
return ImmutableMap.copyOf(result);
}
Example #24
| Source File: ProcessVendorTrasactions.java From aws-big-data-blog with Apache License 2.0 | 4 votes |
|
public static void run(String jobInputParam) throws Exception{
List<StructField> schemaFields = new ArrayList<StructField>();
schemaFields.add(DataTypes.createStructField("vendor_id", DataTypes.StringType, true));
schemaFields.add(DataTypes.createStructField("trans_amount", DataTypes.StringType, true));
schemaFields.add(DataTypes.createStructField("trans_type", DataTypes.StringType, true));
schemaFields.add(DataTypes.createStructField("item_id", DataTypes.StringType, true));
schemaFields.add(DataTypes.createStructField("trans_date", DataTypes.StringType, true));
StructType schema = DataTypes.createStructType(schemaFields);
SparkConf conf = new SparkConf().setAppName("Spark Redshift No Access-Keys");
SparkSession spark = SparkSession.builder().config(conf).getOrCreate();
JavaSparkContext sc = new JavaSparkContext(spark.sparkContext());
String redshiftJDBCURL=props.getProperty("redshift.jdbc.url");
String s3TempPath = props.getProperty("s3.temp.path");
System.out.println("props"+props);
JavaRDD<Row> salesRDD = sc.textFile(jobInputParam).
map(new Function<String,Row>(){public Row call(String saleRec){ String[] fields = saleRec.split(",");
return RowFactory.create(fields[0], fields[1],fields[2],fields[3],fields[4]);}});
Dataset<Row> salesDF = spark.createDataFrame(salesRDD,schema);
Dataset<Row> vendorItemSaleAmountDF = salesDF.filter(salesDF.col("trans_type").equalTo("4")).groupBy(salesDF.col("vendor_id"),salesDF.col("item_id"),salesDF.col("trans_date")).agg(ImmutableMap.of("trans_amount", "sum"));
Dataset<Row> vendorItemTaxAmountDF = salesDF.filter(salesDF.col("trans_type").equalTo("5")).groupBy(salesDF.col("vendor_id"),salesDF.col("item_id"),salesDF.col("trans_date")).agg(ImmutableMap.of("trans_amount", "sum"));
Dataset<Row> vendorItemDiscountAmountDF = salesDF.filter(salesDF.col("trans_type").equalTo("6")).groupBy(salesDF.col("vendor_id"),salesDF.col("item_id"),salesDF.col("trans_date")).agg(ImmutableMap.of("trans_amount", "sum"));
String[] joinColArray = {"vendor_id","item_id","trans_date"};
vendorItemSaleAmountDF.printSchema();
Seq<String> commonJoinColumns = scala.collection.JavaConversions.asScalaBuffer(Arrays.asList(joinColArray)).seq();
Dataset<Row> vendorAggregatedDF = vendorItemSaleAmountDF.join(vendorItemTaxAmountDF,commonJoinColumns,"left_outer")
.join(vendorItemDiscountAmountDF,commonJoinColumns,"left_outer")
.toDF("vendor_id","item_id","trans_date","sale_amount","tax_amount","discount_amount");
vendorAggregatedDF.printSchema();
DefaultAWSCredentialsProviderChain provider = new DefaultAWSCredentialsProviderChain();
AWSSessionCredentials creds = (AWSSessionCredentials) provider.getCredentials();
String appendix=new StringBuilder(String.valueOf(System.currentTimeMillis())).append("_").append(String.valueOf(new Random().nextInt(10)+1)).toString();
String vendorTransSummarySQL = new StringBuilder("begin transaction;delete from vendortranssummary using vendortranssummary_temp")
.append(appendix)
.append(" where vendortranssummary.vendor_id=vendortranssummary_temp")
.append(appendix)
.append(".vendor_id and vendortranssummary.item_id=vendortranssummary_temp")
.append(appendix)
.append(".item_id and vendortranssummary.trans_date = vendortranssummary_temp")
.append(appendix)
.append(".trans_date;")
.append("insert into vendortranssummary select * from vendortranssummary_temp")
.append(appendix)
.append(";drop table vendortranssummary_temp")
.append(appendix)
.append(";end transaction;").toString();
vendorAggregatedDF.write().format("com.databricks.spark.redshift").option("url", redshiftJDBCURL)
.option("dbtable", "vendortranssummary_temp"+appendix)
.option("usestagingtable","false")
.option("postactions",vendorTransSummarySQL)
.option("temporary_aws_access_key_id", creds.getAWSAccessKeyId())
.option("temporary_aws_secret_access_key",creds.getAWSSecretKey())
.option("temporary_aws_session_token", creds.getSessionToken())
.option("tempdir", s3TempPath).mode(SaveMode.Overwrite).save();
}
Example #25
| Source File: BlobStoreManagedLedgerOffloader.java From pulsar with Apache License 2.0 | 4 votes |
|
public static Supplier<Credentials> getCredentials(String driver,
OffloadPolicies conf) throws IOException {
// credentials:
// for s3, get by DefaultAWSCredentialsProviderChain.
// for gcs, use downloaded file 'google_creds.json', which contains service account key by
// following instructions in page https://support.google.com/googleapi/answer/6158849
if (isGcsDriver(driver)) {
String gcsKeyPath = conf.getGcsManagedLedgerOffloadServiceAccountKeyFile();
if (Strings.isNullOrEmpty(gcsKeyPath)) {
throw new IOException(
"The service account key path is empty for GCS driver");
}
try {
String gcsKeyContent = Files.toString(new File(gcsKeyPath), Charset.defaultCharset());
return () -> new GoogleCredentialsFromJson(gcsKeyContent).get();
} catch (IOException ioe) {
log.error("Cannot read GCS service account credentials file: {}", gcsKeyPath);
throw new IOException(ioe);
}
} else if (isS3Driver(driver)) {
AWSCredentialsProvider credsChain = CredentialsUtil.getAWSCredentialProvider(conf);
// try and get creds before starting... if we can't fetch
// creds on boot, we want to fail
try {
credsChain.getCredentials();
} catch (Exception e) {
// allowed, some mock s3 service not need credential
log.error("unable to fetch S3 credentials for offloading, failing", e);
throw e;
}
return () -> {
AWSCredentials creds = credsChain.getCredentials();
if (creds == null) {
// we don't expect this to happen, as we
// successfully fetched creds on boot
throw new RuntimeException("Unable to fetch S3 credentials after start, unexpected!");
}
// if we have session credentials, we need to send the session token
// this allows us to support EC2 metadata credentials
if (creds instanceof AWSSessionCredentials) {
return SessionCredentials.builder()
.accessKeyId(creds.getAWSAccessKeyId())
.secretAccessKey(creds.getAWSSecretKey())
.sessionToken(((AWSSessionCredentials) creds).getSessionToken())
.build();
} else {
return new Credentials(creds.getAWSAccessKeyId(), creds.getAWSSecretKey());
}
};
} else {
throw new IOException(
"Not support this kind of driver: " + driver);
}
}
Example #26
| Source File: BaseRedshiftLoadOperator.java From digdag with Apache License 2.0 | votes |
|
protected abstract T createStatementConfig(Config params, AWSSessionCredentials sessionCredentials, String queryId);
