credentials.*RsaKeyPairCredential.GetAccessKeyID - Code Metrics - Inspection of "Merge pull request #5 from aliyun/improveQuality" - aliyun/credentials-go - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 11f294...0d1638 )

unknown

created 2019-09-05 07:44 UTC

credentials.*RsaKeyPairCredential.GetAccessKeyID A

↳ Parent: credentials/rsa_key_pair_credential.go

Complexity

Conditions

Size

Total Lines	8
Code Lines	6

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	4
eloc	6
nop	0
dl	0
loc	8
rs	10
c	0
b	0
f	0

package credentials

import (
	"encoding/json"
	"errors"
	"fmt"
	"strconv"
	"time"

	"github.com/aliyun/credentials-go/credentials/request"
	"github.com/aliyun/credentials-go/credentials/utils"
)

type RsaKeyPairCredential struct {

	*credentialUpdater
	PrivateKey        string
	PublicKeyID       string
	SessionExpiration int
	sessionCredential *sessionCredential
	runtime           *utils.Runtime
}

type RsaKeyPairResponse struct {

	SessionAccessKey *SessionAccessKey `json:"SessionAccessKey" xml:"SessionAccessKey"`
}

type SessionAccessKey struct {

	SessionAccessKeyID     string `json:"SessionAccessKeyID" xml:"SessionAccessKeyID"`
	SessionAccessKeySecret string `json:"SessionAccessKeySecret" xml:"SessionAccessKeySecret"`
	Expiration             string `json:"Expiration" xml:"Expiration"`
}

func newRsaKeyPairCredential(privateKey, publicKeyID string, sessionExpiration int, runtime *utils.Runtime) *RsaKeyPairCredential {
	return &RsaKeyPairCredential{
		PrivateKey:        privateKey,
		PublicKeyID:       publicKeyID,
		SessionExpiration: sessionExpiration,
		credentialUpdater: new(credentialUpdater),
		runtime:           runtime,
	}
}

// GetAccessKeyID reutrns RsaKeyPairCredential's AccessKeyID
// if AccessKeyID is not exist or out of date, the function will update it.
func (r *RsaKeyPairCredential) GetAccessKeyID() (string, error) {
	if r.sessionCredential == nil || r.needUpdateCredential() {
		err := r.updateCredential()
		if err != nil {
			return "", err
		}
	}
	return r.sessionCredential.AccessKeyID, nil
}

// GetAccessSecret reutrns  RsaKeyPairCredential's AccessKeySecret
// if AccessKeySecret is not exist or out of date, the function will update it.
func (r *RsaKeyPairCredential) GetAccessSecret() (string, error) {
	if r.sessionCredential == nil || r.needUpdateCredential() {
		err := r.updateCredential()
		if err != nil {
			return "", err
		}
	}
	return r.sessionCredential.AccessKeySecret, nil
}

// GetSecurityToken is useless  RsaKeyPairCredential
func (r *RsaKeyPairCredential) GetSecurityToken() (string, error) {
	return "", nil
}

// GetBearerToken is useless for  RsaKeyPairCredential
func (r *RsaKeyPairCredential) GetBearerToken() string {
	return ""
}

// GetType reutrns  RsaKeyPairCredential's type
func (r *RsaKeyPairCredential) GetType() string {
	return "rsa_key_pair"
}

func (r *RsaKeyPairCredential) updateCredential() (err error) {
	if r.runtime == nil {
		r.runtime = new(utils.Runtime)
	}
	request := request.NewCommonRequest()
	request.Domain = "sts.aliyuncs.com"
	if r.runtime.Host != "" {
		request.Domain = r.runtime.Host
	}
	request.Scheme = "HTTPS"
	request.Method = "GET"
	request.QueryParams["AccessKeyId"] = r.PublicKeyID
	request.QueryParams["Action"] = "GenerateSessionAccessKey"
	request.QueryParams["Format"] = "JSON"
	if r.SessionExpiration > 0 {
		if r.SessionExpiration >= 900 && r.SessionExpiration <= 3600 {
			request.QueryParams["DurationSeconds"] = strconv.Itoa(r.SessionExpiration)
		} else {
			err = errors.New("[InvalidParam]:Key Pair session duration should be in the range of 15min - 1Hr")
			return
		}
	} else {
		request.QueryParams["DurationSeconds"] = strconv.Itoa(defaultDurationSeconds)
	}
	request.QueryParams["SignatureMethod"] = "SHA256withRSA"
	request.QueryParams["SignatureType"] = "PRIVATEKEY"
	request.QueryParams["SignatureVersion"] = "1.0"
	request.QueryParams["Version"] = "2015-04-01"
	request.QueryParams["Timestamp"] = utils.GetTimeInFormatISO8601()
	request.QueryParams["SignatureNonce"] = utils.GetUUID()
	signature := utils.Sha256WithRsa(request.BuildStringToSign(), r.PrivateKey)
	request.QueryParams["Signature"] = signature
	request.Headers["Host"] = request.Domain
	request.Headers["Accept-Encoding"] = "identity"
	request.Url = request.BuildUrl()
	content, err := doAction(request, r.runtime)
	if err != nil {
		return fmt.Errorf("refresh KeyPair err: %s", err.Error())
	}
	var resp *RsaKeyPairResponse
	err = json.Unmarshal(content, &resp)
	if err != nil {
		return fmt.Errorf("refresh KeyPair err: Json Unmarshal fail: %s", err.Error())
	}
	if resp == nil || resp.SessionAccessKey == nil {
		return fmt.Errorf("refresh KeyPair err: SessionAccessKey is empty")
	}
	sessionAccessKey := resp.SessionAccessKey
	if sessionAccessKey.SessionAccessKeyID == "" || sessionAccessKey.SessionAccessKeySecret == "" || sessionAccessKey.Expiration == "" {
		return fmt.Errorf("refresh KeyPair err: SessionAccessKeyID: %v, SessionAccessKeySecret: %v, Expiration: %v", sessionAccessKey.SessionAccessKeyID, sessionAccessKey.SessionAccessKeySecret, sessionAccessKey.Expiration)
	}

	expirationTime, err := time.Parse("2006-01-02T15:04:05Z", sessionAccessKey.Expiration)
	r.lastUpdateTimestamp = time.Now().Unix()
	r.credentialExpiration = int(expirationTime.Unix() - time.Now().Unix())
	r.sessionCredential = &sessionCredential{
		AccessKeyID:     sessionAccessKey.SessionAccessKeyID,
		AccessKeySecret: sessionAccessKey.SessionAccessKeySecret,
	}

	return
}


1			package credentials
2
3			import (
4			"encoding/json"
5			"errors"
6			"fmt"
7			"strconv"
8			"time"
9
10			"github.com/aliyun/credentials-go/credentials/request"
11			"github.com/aliyun/credentials-go/credentials/utils"
12			)
13
14			type RsaKeyPairCredential struct {
			0 ignored issues – show introduced 2019-09-05 01:55 UTC by Report Bug Copy Issue Report exported type RsaKeyPairCredential should have comment or be unexported Loading history...
15			*credentialUpdater
16			PrivateKey string
17			PublicKeyID string
18			SessionExpiration int
19			sessionCredential *sessionCredential
20			runtime *utils.Runtime
21			}
22
23			type RsaKeyPairResponse struct {
			0 ignored issues – show introduced 2019-09-05 01:55 UTC by Report Bug Copy Issue Report exported type RsaKeyPairResponse should have comment or be unexported Loading history...
24			SessionAccessKey *SessionAccessKey `json:"SessionAccessKey" xml:"SessionAccessKey"`
25			}
26
27			type SessionAccessKey struct {
			0 ignored issues – show introduced 2019-09-05 01:55 UTC by Report Bug Copy Issue Report exported type SessionAccessKey should have comment or be unexported Loading history...
28			SessionAccessKeyID string `json:"SessionAccessKeyID" xml:"SessionAccessKeyID"`
29			SessionAccessKeySecret string `json:"SessionAccessKeySecret" xml:"SessionAccessKeySecret"`
30			Expiration string `json:"Expiration" xml:"Expiration"`
31			}
32
33			func newRsaKeyPairCredential(privateKey, publicKeyID string, sessionExpiration int, runtime utils.Runtime) RsaKeyPairCredential {
34			return &RsaKeyPairCredential{
35			PrivateKey: privateKey,
36			PublicKeyID: publicKeyID,
37			SessionExpiration: sessionExpiration,
38			credentialUpdater: new(credentialUpdater),
39			runtime: runtime,
40			}
41			}
42
43			// GetAccessKeyID reutrns RsaKeyPairCredential's AccessKeyID
44			// if AccessKeyID is not exist or out of date, the function will update it.
45			func (r *RsaKeyPairCredential) GetAccessKeyID() (string, error) {
46			if r.sessionCredential == nil \|\| r.needUpdateCredential() {
47			err := r.updateCredential()
48			if err != nil {
49			return "", err
50			}
51			}
52			return r.sessionCredential.AccessKeyID, nil
53			}
54
55			// GetAccessSecret reutrns RsaKeyPairCredential's AccessKeySecret
56			// if AccessKeySecret is not exist or out of date, the function will update it.
57			func (r *RsaKeyPairCredential) GetAccessSecret() (string, error) {
58			if r.sessionCredential == nil \|\| r.needUpdateCredential() {
59			err := r.updateCredential()
60			if err != nil {
61			return "", err
62			}
63			}
64			return r.sessionCredential.AccessKeySecret, nil
65			}
66
67			// GetSecurityToken is useless RsaKeyPairCredential
68			func (r *RsaKeyPairCredential) GetSecurityToken() (string, error) {
69			return "", nil
70			}
71
72			// GetBearerToken is useless for RsaKeyPairCredential
73			func (r *RsaKeyPairCredential) GetBearerToken() string {
74			return ""
75			}
76
77			// GetType reutrns RsaKeyPairCredential's type
78			func (r *RsaKeyPairCredential) GetType() string {
79			return "rsa_key_pair"
80			}
81
82			func (r *RsaKeyPairCredential) updateCredential() (err error) {
83			if r.runtime == nil {
84			r.runtime = new(utils.Runtime)
85			}
86			request := request.NewCommonRequest()
87			request.Domain = "sts.aliyuncs.com"
88			if r.runtime.Host != "" {
89			request.Domain = r.runtime.Host
90			}
91			request.Scheme = "HTTPS"
92			request.Method = "GET"
93			request.QueryParams["AccessKeyId"] = r.PublicKeyID
94			request.QueryParams["Action"] = "GenerateSessionAccessKey"
95			request.QueryParams["Format"] = "JSON"
96			if r.SessionExpiration > 0 {
97			if r.SessionExpiration >= 900 && r.SessionExpiration <= 3600 {
98			request.QueryParams["DurationSeconds"] = strconv.Itoa(r.SessionExpiration)
99			} else {
100			err = errors.New("[InvalidParam]:Key Pair session duration should be in the range of 15min - 1Hr")
101			return
102			}
103			} else {
104			request.QueryParams["DurationSeconds"] = strconv.Itoa(defaultDurationSeconds)
105			}
106			request.QueryParams["SignatureMethod"] = "SHA256withRSA"
107			request.QueryParams["SignatureType"] = "PRIVATEKEY"
108			request.QueryParams["SignatureVersion"] = "1.0"
109			request.QueryParams["Version"] = "2015-04-01"
110			request.QueryParams["Timestamp"] = utils.GetTimeInFormatISO8601()
111			request.QueryParams["SignatureNonce"] = utils.GetUUID()
112			signature := utils.Sha256WithRsa(request.BuildStringToSign(), r.PrivateKey)
113			request.QueryParams["Signature"] = signature
114			request.Headers["Host"] = request.Domain
115			request.Headers["Accept-Encoding"] = "identity"
116			request.Url = request.BuildUrl()
117			content, err := doAction(request, r.runtime)
118			if err != nil {
119			return fmt.Errorf("refresh KeyPair err: %s", err.Error())
120			}
121			var resp *RsaKeyPairResponse
122			err = json.Unmarshal(content, &resp)
123			if err != nil {
124			return fmt.Errorf("refresh KeyPair err: Json Unmarshal fail: %s", err.Error())
125			}
126			if resp == nil \|\| resp.SessionAccessKey == nil {
127			return fmt.Errorf("refresh KeyPair err: SessionAccessKey is empty")
128			}
129			sessionAccessKey := resp.SessionAccessKey
130			if sessionAccessKey.SessionAccessKeyID == "" \|\| sessionAccessKey.SessionAccessKeySecret == "" \|\| sessionAccessKey.Expiration == "" {
131			return fmt.Errorf("refresh KeyPair err: SessionAccessKeyID: %v, SessionAccessKeySecret: %v, Expiration: %v", sessionAccessKey.SessionAccessKeyID, sessionAccessKey.SessionAccessKeySecret, sessionAccessKey.Expiration)
132			}
133
134			expirationTime, err := time.Parse("2006-01-02T15:04:05Z", sessionAccessKey.Expiration)
135			r.lastUpdateTimestamp = time.Now().Unix()
136			r.credentialExpiration = int(expirationTime.Unix() - time.Now().Unix())
137			r.sessionCredential = &sessionCredential{
138			AccessKeyID: sessionAccessKey.SessionAccessKeyID,
139			AccessKeySecret: sessionAccessKey.SessionAccessKeySecret,
140			}
141
142			return
143			}
144

aliyun / credentials-go

GitHub Access Token became invalid

Push — master ( 11f294...0d1638 )

credentials.*RsaKeyPairCredential.GetAccessKeyID A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like