providers.*CLIProfileCredentialsProvider.getCredentialsProvider - Code Metrics - Inspection of "feat: support StsToken mode in cli profile" - aliyun/credentials-go - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( c6841b...a528aa )

unknown

created 2025-04-18 08:58 UTC

ider.getCredentialsProvider D

↳ Parent: credentials/providers/cli_profile.go

Complexity

Conditions

Size

Total Lines	71
Code Lines	64

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	11
eloc	64
nop	2
dl	0
loc	71
rs	4.9581
c	0
b	0
f	0

How to fix Long Method Complexity

Long Method

Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.

For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.

Commonly applied refactorings include:

If many parameters/temporary variables are present:
- Replace temporary variables with Query
- Introduce parameter object; often combined with preserve whole object
- If the above two are insufficient: Replace method with method object
If you have long conditionals: Decompose Conditional
Otherwise: Extract method

Complexity

Complex classes like providers.*CLIProfileCredentialsProvider.getCredentialsProvider often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

package providers

import (
	"encoding/json"
	"errors"
	"fmt"
	"io/ioutil"
	"os"
	"path"
	"strings"

	"github.com/aliyun/credentials-go/credentials/internal/utils"
)

type CLIProfileCredentialsProvider struct {
	profileFile   string
	profileName   string
	innerProvider CredentialsProvider
}

type CLIProfileCredentialsProviderBuilder struct {
	provider *CLIProfileCredentialsProvider
}

func (b *CLIProfileCredentialsProviderBuilder) WithProfileFile(profileFile string) *CLIProfileCredentialsProviderBuilder {
	b.provider.profileFile = profileFile
	return b
}

func (b *CLIProfileCredentialsProviderBuilder) WithProfileName(profileName string) *CLIProfileCredentialsProviderBuilder {
	b.provider.profileName = profileName
	return b
}

func (b *CLIProfileCredentialsProviderBuilder) Build() (provider *CLIProfileCredentialsProvider, err error) {
	// 优先级：
	// 1. 使用显示指定的 profileFile
	// 2. 使用环境变量（ALIBABA_CLOUD_CONFIG_FILE）指定的 profileFile
	// 3. 兜底使用 path.Join(homeDir, ".aliyun/config") 作为 profileFile
	if b.provider.profileFile == "" {
		b.provider.profileFile = os.Getenv("ALIBABA_CLOUD_CONFIG_FILE")
	}
	// 优先级：
	// 1. 使用显示指定的 profileName
	// 2. 使用环境变量（ALIBABA_CLOUD_PROFILE）制定的 profileName
	// 3. 使用 CLI 配置中的当前 profileName
	if b.provider.profileName == "" {
		b.provider.profileName = os.Getenv("ALIBABA_CLOUD_PROFILE")
	}

	if strings.ToLower(os.Getenv("ALIBABA_CLOUD_CLI_PROFILE_DISABLED")) == "true" {
		err = errors.New("the CLI profile is disabled")
		return
	}

	provider = b.provider
	return
}

func NewCLIProfileCredentialsProviderBuilder() *CLIProfileCredentialsProviderBuilder {
	return &CLIProfileCredentialsProviderBuilder{
		provider: &CLIProfileCredentialsProvider{},
	}
}

type profile struct {
	Name            string `json:"name"`
	Mode            string `json:"mode"`
	AccessKeyID     string `json:"access_key_id"`
	AccessKeySecret string `json:"access_key_secret"`
	SecurityToken   string `json:"sts_token"`
	RegionID        string `json:"region_id"`
	RoleArn         string `json:"ram_role_arn"`
	RoleSessionName string `json:"ram_session_name"`
	DurationSeconds int    `json:"expired_seconds"`
	StsRegion       string `json:"sts_region"`
	EnableVpc       bool   `json:"enable_vpc"`
	SourceProfile   string `json:"source_profile"`
	RoleName        string `json:"ram_role_name"`
	OIDCTokenFile   string `json:"oidc_token_file"`
	OIDCProviderARN string `json:"oidc_provider_arn"`
	Policy          string `json:"policy"`
	ExternalId      string `json:"external_id"`
}

type configuration struct {
	Current  string     `json:"current"`
	Profiles []*profile `json:"profiles"`
}

func newConfigurationFromPath(cfgPath string) (conf *configuration, err error) {
	bytes, err := ioutil.ReadFile(cfgPath)
	if err != nil {
		err = fmt.Errorf("reading aliyun cli config from '%s' failed %v", cfgPath, err)
		return
	}

	conf = &configuration{}

	err = json.Unmarshal(bytes, conf)
	if err != nil {
		err = fmt.Errorf("unmarshal aliyun cli config from '%s' failed: %s", cfgPath, string(bytes))
		return
	}

	if conf.Profiles == nil || len(conf.Profiles) == 0 {
		err = fmt.Errorf("no any configured profiles in '%s'", cfgPath)
		return
	}

	return
}

func (conf *configuration) getProfile(name string) (profile *profile, err error) {
	for _, p := range conf.Profiles {
		if p.Name == name {
			profile = p
			return
		}
	}

	err = fmt.Errorf("unable to get profile with '%s'", name)
	return
}

func (provider *CLIProfileCredentialsProvider) getCredentialsProvider(conf *configuration, profileName string) (credentialsProvider CredentialsProvider, err error) {
	p, err := conf.getProfile(profileName)
	if err != nil {
		return
	}

	switch p.Mode {
	case "AK":
		credentialsProvider, err = NewStaticAKCredentialsProviderBuilder().
			WithAccessKeyId(p.AccessKeyID).
			WithAccessKeySecret(p.AccessKeySecret).
			Build()
	case "StsToken":
		credentialsProvider, err = NewStaticSTSCredentialsProviderBuilder().
			WithAccessKeyId(p.AccessKeyID).
			WithAccessKeySecret(p.AccessKeySecret).
			WithSecurityToken(p.SecurityToken).
			Build()
	case "RamRoleArn":
		previousProvider, err1 := NewStaticAKCredentialsProviderBuilder().
			WithAccessKeyId(p.AccessKeyID).
			WithAccessKeySecret(p.AccessKeySecret).
			Build()
		if err1 != nil {
			return nil, err1
		}

		credentialsProvider, err = NewRAMRoleARNCredentialsProviderBuilder().
			WithCredentialsProvider(previousProvider).
			WithRoleArn(p.RoleArn).
			WithRoleSessionName(p.RoleSessionName).
			WithDurationSeconds(p.DurationSeconds).
			WithStsRegionId(p.StsRegion).
			WithEnableVpc(p.EnableVpc).
			WithPolicy(p.Policy).
			WithExternalId(p.ExternalId).
			Build()
	case "EcsRamRole":
		credentialsProvider, err = NewECSRAMRoleCredentialsProviderBuilder().WithRoleName(p.RoleName).Build()
	case "OIDC":
		credentialsProvider, err = NewOIDCCredentialsProviderBuilder().
			WithOIDCTokenFilePath(p.OIDCTokenFile).
			WithOIDCProviderARN(p.OIDCProviderARN).
			WithRoleArn(p.RoleArn).
			WithStsRegionId(p.StsRegion).
			WithEnableVpc(p.EnableVpc).
			WithDurationSeconds(p.DurationSeconds).
			WithRoleSessionName(p.RoleSessionName).
			WithPolicy(p.Policy).
			Build()
	case "ChainableRamRoleArn":
		previousProvider, err1 := provider.getCredentialsProvider(conf, p.SourceProfile)
		if err1 != nil {
			err = fmt.Errorf("get source profile failed: %s", err1.Error())
			return
		}
		credentialsProvider, err = NewRAMRoleARNCredentialsProviderBuilder().
			WithCredentialsProvider(previousProvider).
			WithRoleArn(p.RoleArn).
			WithRoleSessionName(p.RoleSessionName).
			WithDurationSeconds(p.DurationSeconds).
			WithStsRegionId(p.StsRegion).
			WithEnableVpc(p.EnableVpc).
			WithPolicy(p.Policy).
			WithExternalId(p.ExternalId).
			Build()
	default:
		err = fmt.Errorf("unsupported profile mode '%s'", p.Mode)
	}

	return
}

// 默认设置为 GetHomePath，测试时便于 mock
var getHomePath = utils.GetHomePath

func (provider *CLIProfileCredentialsProvider) GetCredentials() (cc *Credentials, err error) {
	if provider.innerProvider == nil {
		cfgPath := provider.profileFile
		if cfgPath == "" {
			homeDir := getHomePath()
			if homeDir == "" {
				err = fmt.Errorf("cannot found home dir")
				return
			}

			cfgPath = path.Join(homeDir, ".aliyun/config.json")
		}

		conf, err1 := newConfigurationFromPath(cfgPath)
		if err1 != nil {
			err = err1
			return
		}

		if provider.profileName == "" {
			provider.profileName = conf.Current
		}

		provider.innerProvider, err = provider.getCredentialsProvider(conf, provider.profileName)
		if err != nil {
			return
		}
	}

	innerCC, err := provider.innerProvider.GetCredentials()
	if err != nil {
		return
	}

	providerName := innerCC.ProviderName
	if providerName == "" {
		providerName = provider.innerProvider.GetProviderName()
	}

	cc = &Credentials{
		AccessKeyId:     innerCC.AccessKeyId,
		AccessKeySecret: innerCC.AccessKeySecret,
		SecurityToken:   innerCC.SecurityToken,
		ProviderName:    fmt.Sprintf("%s/%s", provider.GetProviderName(), providerName),
	}

	return
}

func (provider *CLIProfileCredentialsProvider) GetProviderName() string {
	return "cli_profile"
}


1			package providers
2
3			import (
4			"encoding/json"
5			"errors"
6			"fmt"
7			"io/ioutil"
8			"os"
9			"path"
10			"strings"
11
12			"github.com/aliyun/credentials-go/credentials/internal/utils"
13			)
14
15			type CLIProfileCredentialsProvider struct {
16			profileFile string
17			profileName string
18			innerProvider CredentialsProvider
19			}
20
21			type CLIProfileCredentialsProviderBuilder struct {
22			provider *CLIProfileCredentialsProvider
23			}
24
25			func (b CLIProfileCredentialsProviderBuilder) WithProfileFile(profileFile string) CLIProfileCredentialsProviderBuilder {
26			b.provider.profileFile = profileFile
27			return b
28			}
29
30			func (b CLIProfileCredentialsProviderBuilder) WithProfileName(profileName string) CLIProfileCredentialsProviderBuilder {
31			b.provider.profileName = profileName
32			return b
33			}
34
35			func (b CLIProfileCredentialsProviderBuilder) Build() (provider CLIProfileCredentialsProvider, err error) {
36			// 优先级：
37			// 1. 使用显示指定的 profileFile
38			// 2. 使用环境变量（ALIBABA_CLOUD_CONFIG_FILE）指定的 profileFile
39			// 3. 兜底使用 path.Join(homeDir, ".aliyun/config") 作为 profileFile
40			if b.provider.profileFile == "" {
41			b.provider.profileFile = os.Getenv("ALIBABA_CLOUD_CONFIG_FILE")
42			}
43			// 优先级：
44			// 1. 使用显示指定的 profileName
45			// 2. 使用环境变量（ALIBABA_CLOUD_PROFILE）制定的 profileName
46			// 3. 使用 CLI 配置中的当前 profileName
47			if b.provider.profileName == "" {
48			b.provider.profileName = os.Getenv("ALIBABA_CLOUD_PROFILE")
49			}
50
51			if strings.ToLower(os.Getenv("ALIBABA_CLOUD_CLI_PROFILE_DISABLED")) == "true" {
52			err = errors.New("the CLI profile is disabled")
53			return
54			}
55
56			provider = b.provider
57			return
58			}
59
60			func NewCLIProfileCredentialsProviderBuilder() *CLIProfileCredentialsProviderBuilder {
61			return &CLIProfileCredentialsProviderBuilder{
62			provider: &CLIProfileCredentialsProvider{},
63			}
64			}
65
66			type profile struct {
67			Name string `json:"name"`
68			Mode string `json:"mode"`
69			AccessKeyID string `json:"access_key_id"`
70			AccessKeySecret string `json:"access_key_secret"`
71			SecurityToken string `json:"sts_token"`
72			RegionID string `json:"region_id"`
73			RoleArn string `json:"ram_role_arn"`
74			RoleSessionName string `json:"ram_session_name"`
75			DurationSeconds int `json:"expired_seconds"`
76			StsRegion string `json:"sts_region"`
77			EnableVpc bool `json:"enable_vpc"`
78			SourceProfile string `json:"source_profile"`
79			RoleName string `json:"ram_role_name"`
80			OIDCTokenFile string `json:"oidc_token_file"`
81			OIDCProviderARN string `json:"oidc_provider_arn"`
82			Policy string `json:"policy"`
83			ExternalId string `json:"external_id"`
84			}
85
86			type configuration struct {
87			Current string `json:"current"`
88			Profiles []*profile `json:"profiles"`
89			}
90
91			func newConfigurationFromPath(cfgPath string) (conf *configuration, err error) {
92			bytes, err := ioutil.ReadFile(cfgPath)
93			if err != nil {
94			err = fmt.Errorf("reading aliyun cli config from '%s' failed %v", cfgPath, err)
95			return
96			}
97
98			conf = &configuration{}
99
100			err = json.Unmarshal(bytes, conf)
101			if err != nil {
102			err = fmt.Errorf("unmarshal aliyun cli config from '%s' failed: %s", cfgPath, string(bytes))
103			return
104			}
105
106			if conf.Profiles == nil \|\| len(conf.Profiles) == 0 {
107			err = fmt.Errorf("no any configured profiles in '%s'", cfgPath)
108			return
109			}
110
111			return
112			}
113
114			func (conf configuration) getProfile(name string) (profile profile, err error) {
115			for _, p := range conf.Profiles {
116			if p.Name == name {
117			profile = p
118			return
119			}
120			}
121
122			err = fmt.Errorf("unable to get profile with '%s'", name)
123			return
124			}
125
126			func (provider CLIProfileCredentialsProvider) getCredentialsProvider(conf configuration, profileName string) (credentialsProvider CredentialsProvider, err error) {
127			p, err := conf.getProfile(profileName)
128			if err != nil {
129			return
130			}
131
132			switch p.Mode {
133			case "AK":
134			credentialsProvider, err = NewStaticAKCredentialsProviderBuilder().
135			WithAccessKeyId(p.AccessKeyID).
136			WithAccessKeySecret(p.AccessKeySecret).
137			Build()
138			case "StsToken":
139			credentialsProvider, err = NewStaticSTSCredentialsProviderBuilder().
140			WithAccessKeyId(p.AccessKeyID).
141			WithAccessKeySecret(p.AccessKeySecret).
142			WithSecurityToken(p.SecurityToken).
143			Build()
144			case "RamRoleArn":
145			previousProvider, err1 := NewStaticAKCredentialsProviderBuilder().
146			WithAccessKeyId(p.AccessKeyID).
147			WithAccessKeySecret(p.AccessKeySecret).
148			Build()
149			if err1 != nil {
150			return nil, err1
151			}
152
153			credentialsProvider, err = NewRAMRoleARNCredentialsProviderBuilder().
154			WithCredentialsProvider(previousProvider).
155			WithRoleArn(p.RoleArn).
156			WithRoleSessionName(p.RoleSessionName).
157			WithDurationSeconds(p.DurationSeconds).
158			WithStsRegionId(p.StsRegion).
159			WithEnableVpc(p.EnableVpc).
160			WithPolicy(p.Policy).
161			WithExternalId(p.ExternalId).
162			Build()
163			case "EcsRamRole":
164			credentialsProvider, err = NewECSRAMRoleCredentialsProviderBuilder().WithRoleName(p.RoleName).Build()
165			case "OIDC":
166			credentialsProvider, err = NewOIDCCredentialsProviderBuilder().
167			WithOIDCTokenFilePath(p.OIDCTokenFile).
168			WithOIDCProviderARN(p.OIDCProviderARN).
169			WithRoleArn(p.RoleArn).
170			WithStsRegionId(p.StsRegion).
171			WithEnableVpc(p.EnableVpc).
172			WithDurationSeconds(p.DurationSeconds).
173			WithRoleSessionName(p.RoleSessionName).
174			WithPolicy(p.Policy).
175			Build()
176			case "ChainableRamRoleArn":
177			previousProvider, err1 := provider.getCredentialsProvider(conf, p.SourceProfile)
178			if err1 != nil {
179			err = fmt.Errorf("get source profile failed: %s", err1.Error())
180			return
181			}
182			credentialsProvider, err = NewRAMRoleARNCredentialsProviderBuilder().
183			WithCredentialsProvider(previousProvider).
184			WithRoleArn(p.RoleArn).
185			WithRoleSessionName(p.RoleSessionName).
186			WithDurationSeconds(p.DurationSeconds).
187			WithStsRegionId(p.StsRegion).
188			WithEnableVpc(p.EnableVpc).
189			WithPolicy(p.Policy).
190			WithExternalId(p.ExternalId).
191			Build()
192			default:
193			err = fmt.Errorf("unsupported profile mode '%s'", p.Mode)
194			}
195
196			return
197			}
198
199			// 默认设置为 GetHomePath，测试时便于 mock
200			var getHomePath = utils.GetHomePath
201
202			func (provider CLIProfileCredentialsProvider) GetCredentials() (cc Credentials, err error) {
203			if provider.innerProvider == nil {
204			cfgPath := provider.profileFile
205			if cfgPath == "" {
206			homeDir := getHomePath()
207			if homeDir == "" {
208			err = fmt.Errorf("cannot found home dir")
209			return
210			}
211
212			cfgPath = path.Join(homeDir, ".aliyun/config.json")
213			}
214
215			conf, err1 := newConfigurationFromPath(cfgPath)
216			if err1 != nil {
217			err = err1
218			return
219			}
220
221			if provider.profileName == "" {
222			provider.profileName = conf.Current
223			}
224
225			provider.innerProvider, err = provider.getCredentialsProvider(conf, provider.profileName)
226			if err != nil {
227			return
228			}
229			}
230
231			innerCC, err := provider.innerProvider.GetCredentials()
232			if err != nil {
233			return
234			}
235
236			providerName := innerCC.ProviderName
237			if providerName == "" {
238			providerName = provider.innerProvider.GetProviderName()
239			}
240
241			cc = &Credentials{
242			AccessKeyId: innerCC.AccessKeyId,
243			AccessKeySecret: innerCC.AccessKeySecret,
244			SecurityToken: innerCC.SecurityToken,
245			ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), providerName),
246			}
247
248			return
249			}
250
251			func (provider *CLIProfileCredentialsProvider) GetProviderName() string {
252			return "cli_profile"
253			}
254

aliyun / credentials-go

GitHub Access Token became invalid

Push — master ( c6841b...a528aa )

ider.getCredentialsProvider D

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Complexity

Duplication Side-by-Side

Filter issues like