credentials/credential.go - Code Metrics - Inspection of "support user-defined sts endpoint" - aliyun/credentials-go - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 268a44...ca9459 )

unknown

created 2023-02-24 04:33 UTC

credentials/credential.go F

↳ Parent: Project

Size/Duplication

Total Lines	409
Duplicated Lines	0 %

Importance

Changes

Metric	Value
cc	78
eloc	291
dl	0
loc	409
rs	2.16
c	0
b	0
f	0

31 Methods

Rating	Name	Size	Complexity
A	credentials.*Config.SetHost	3	1
A	credentials.*Config.SetRoleSessionExpiration	3	1
A	credentials.*Config.SetOIDCTokenFilePath	3	1
A	credentials.*Config.SetType	3	1
A	credentials.checkEcsRAMRole	2	1
A	credentials.*Config.SetURLCredential	6	2
A	credentials.*Config.SetAccessKeyId	3	1
A	credentials.*Config.SetConnectTimeout	3	1
A	credentials.*Config.SetProxy	3	1
A	credentials.*Config.SetPolicy	3	1
A	credentials.checkSTS	14	4
A	credentials.*Config.SetSessionExpiration	3	1
A	credentials.checkRSAKeyPair	10	3
D	credentials.doAction	56	13
A	credentials.*Config.SetOIDCProviderArn	3	1
A	credentials.*Config.SetRoleArn	3	1
A	credentials.checkRAMRoleArn	18	5
A	credentials.checkAccessKey	10	3
A	credentials.*Config.SetAccessKeySecret	3	1
A	credentials.*Config.SetSTSEndpoint	3	1
A	credentials.*Config.SetRoleSessionName	3	1
A	credentials.*Config.SetPrivateKeyFile	3	1
A	credentials.*Config.SetTimeout	3	1
A	credentials.checkoutAssumeRamoidc	10	3
A	credentials.*Config.SetSecurityToken	3	1
A	credentials.*Config.SetRoleName	3	1
F	credentials.NewCredential	96	21
A	credentials.*Config.SetBearerToken	3	1
A	credentials.Config.GoString	2	1
A	credentials.Config.String	2	1
A	credentials.*Config.SetPublicKeyId	3	1

package credentials

import (
	"bufio"
	"errors"
	"fmt"
	"net/http"
	"net/url"
	"os"
	"strings"
	"time"

	"github.com/alibabacloud-go/debug/debug"
	"github.com/alibabacloud-go/tea/tea"
	"github.com/aliyun/credentials-go/credentials/request"
	"github.com/aliyun/credentials-go/credentials/response"
	"github.com/aliyun/credentials-go/credentials/utils"
)

var debuglog = debug.Init("credential")

var hookParse = func(err error) error {
	return err
}

// Credential is an interface for getting actual credential
type Credential interface {
	GetAccessKeyId() (*string, error)
	GetAccessKeySecret() (*string, error)
	GetSecurityToken() (*string, error)
	GetBearerToken() *string
	GetType() *string
}

// Config is important when call NewCredential
type Config struct {
	Type                  *string  `json:"type"`
	AccessKeyId           *string  `json:"access_key_id"`
	AccessKeySecret       *string  `json:"access_key_secret"`
	OIDCProviderArn       *string  `json:"oidc_provider_arn"`
	OIDCTokenFilePath     *string  `json:"oidc_token"`
	RoleArn               *string  `json:"role_arn"`
	RoleSessionName       *string  `json:"role_session_name"`
	PublicKeyId           *string  `json:"public_key_id"`
	RoleName              *string  `json:"role_name"`
	SessionExpiration     *int     `json:"session_expiration"`
	PrivateKeyFile        *string  `json:"private_key_file"`
	BearerToken           *string  `json:"bearer_token"`
	SecurityToken         *string  `json:"security_token"`
	RoleSessionExpiration *int     `json:"role_session_expiratioon"`
	Policy                *string  `json:"policy"`
	Host                  *string  `json:"host"`
	Timeout               *int     `json:"timeout"`
	ConnectTimeout        *int     `json:"connect_timeout"`
	Proxy                 *string  `json:"proxy"`
	InAdvanceScale        *float64 `json:"inAdvanceScale"`
	Url                   *string  `json:"url"`
	STSEndpoint           *string  `json:"sts_endpoint"`
}

func (s Config) String() string {
	return tea.Prettify(s)
}

func (s Config) GoString() string {
	return s.String()
}

func (s *Config) SetAccessKeyId(v string) *Config {
	s.AccessKeyId = &v
	return s
}

func (s *Config) SetAccessKeySecret(v string) *Config {
	s.AccessKeySecret = &v
	return s
}

func (s *Config) SetSecurityToken(v string) *Config {
	s.SecurityToken = &v
	return s
}

func (s *Config) SetRoleArn(v string) *Config {
	s.RoleArn = &v
	return s
}

func (s *Config) SetRoleSessionName(v string) *Config {
	s.RoleSessionName = &v
	return s
}

func (s *Config) SetPublicKeyId(v string) *Config {
	s.PublicKeyId = &v
	return s
}

func (s *Config) SetRoleName(v string) *Config {
	s.RoleName = &v
	return s
}

func (s *Config) SetSessionExpiration(v int) *Config {
	s.SessionExpiration = &v
	return s
}

func (s *Config) SetPrivateKeyFile(v string) *Config {
	s.PrivateKeyFile = &v
	return s
}

func (s *Config) SetBearerToken(v string) *Config {
	s.BearerToken = &v
	return s
}

func (s *Config) SetRoleSessionExpiration(v int) *Config {
	s.RoleSessionExpiration = &v
	return s
}

func (s *Config) SetPolicy(v string) *Config {
	s.Policy = &v
	return s
}

func (s *Config) SetHost(v string) *Config {
	s.Host = &v
	return s
}

func (s *Config) SetTimeout(v int) *Config {
	s.Timeout = &v
	return s
}

func (s *Config) SetConnectTimeout(v int) *Config {
	s.ConnectTimeout = &v
	return s
}

func (s *Config) SetProxy(v string) *Config {
	s.Proxy = &v
	return s
}

func (s *Config) SetType(v string) *Config {
	s.Type = &v
	return s
}

func (s *Config) SetOIDCTokenFilePath(v string) *Config {
	s.OIDCTokenFilePath = &v
	return s
}

func (s *Config) SetOIDCProviderArn(v string) *Config {
	s.OIDCProviderArn = &v
	return s
}

func (s *Config) SetURLCredential(v string) *Config {
	if v == "" {
		v = os.Getenv("ALIBABA_CLOUD_CREDENTIALS_URI")
	}
	s.Url = &v
	return s
}

func (s *Config) SetSTSEndpoint(v string) *Config {
	s.STSEndpoint = &v
	return s
}

// NewCredential return a credential according to the type in config.
// if config is nil, the function will use default provider chain to get credential.
// please see README.md for detail.
func NewCredential(config *Config) (credential Credential, err error) {
	if config == nil {
		config, err = defaultChain.resolve()
		if err != nil {
			return
		}
		return NewCredential(config)
	}
	switch tea.StringValue(config.Type) {
	case "credentials_uri":
		credential = newURLCredential(tea.StringValue(config.Url))
	case "oidc_role_arn":
		err = checkoutAssumeRamoidc(config)
		if err != nil {
			return
		}
		runtime := &utils.Runtime{
			Host:           tea.StringValue(config.Host),
			Proxy:          tea.StringValue(config.Proxy),
			ReadTimeout:    tea.IntValue(config.Timeout),
			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
			STSEndpoint:    tea.StringValue(config.STSEndpoint),
		}
		credential = newOIDCRoleArnCredential(tea.StringValue(config.AccessKeyId), tea.StringValue(config.AccessKeySecret), tea.StringValue(config.RoleArn), tea.StringValue(config.OIDCProviderArn), tea.StringValue(config.OIDCTokenFilePath), tea.StringValue(config.RoleSessionName), tea.StringValue(config.Policy), tea.IntValue(config.RoleSessionExpiration), runtime)
	case "access_key":
		err = checkAccessKey(config)
		if err != nil {
			return
		}
		credential = newAccessKeyCredential(tea.StringValue(config.AccessKeyId), tea.StringValue(config.AccessKeySecret))
	case "sts":
		err = checkSTS(config)
		if err != nil {
			return
		}
		credential = newStsTokenCredential(tea.StringValue(config.AccessKeyId), tea.StringValue(config.AccessKeySecret), tea.StringValue(config.SecurityToken))
	case "ecs_ram_role":
		checkEcsRAMRole(config)
		runtime := &utils.Runtime{
			Host:           tea.StringValue(config.Host),
			Proxy:          tea.StringValue(config.Proxy),
			ReadTimeout:    tea.IntValue(config.Timeout),
			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
		}
		credential = newEcsRAMRoleCredential(tea.StringValue(config.RoleName), tea.Float64Value(config.InAdvanceScale), runtime)
	case "ram_role_arn":
		err = checkRAMRoleArn(config)
		if err != nil {
			return
		}
		runtime := &utils.Runtime{
			Host:           tea.StringValue(config.Host),
			Proxy:          tea.StringValue(config.Proxy),
			ReadTimeout:    tea.IntValue(config.Timeout),
			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
			STSEndpoint:    tea.StringValue(config.STSEndpoint),
		}
		credential = newRAMRoleArnCredential(tea.StringValue(config.AccessKeyId), tea.StringValue(config.AccessKeySecret), tea.StringValue(config.RoleArn), tea.StringValue(config.RoleSessionName), tea.StringValue(config.Policy), tea.IntValue(config.RoleSessionExpiration), runtime)
	case "rsa_key_pair":
		err = checkRSAKeyPair(config)
		if err != nil {
			return
		}
		file, err1 := os.Open(tea.StringValue(config.PrivateKeyFile))
		if err1 != nil {
			err = fmt.Errorf("InvalidPath: Can not open PrivateKeyFile, err is %s", err1.Error())
			return
		}
		defer file.Close()
		var privateKey string
		scan := bufio.NewScanner(file)
		for scan.Scan() {
			if strings.HasPrefix(scan.Text(), "----") {
				continue
			}
			privateKey += scan.Text() + "\n"
		}
		runtime := &utils.Runtime{
			Host:           tea.StringValue(config.Host),
			Proxy:          tea.StringValue(config.Proxy),
			ReadTimeout:    tea.IntValue(config.Timeout),
			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
			STSEndpoint:    tea.StringValue(config.STSEndpoint),
		}
		credential = newRsaKeyPairCredential(privateKey, tea.StringValue(config.PublicKeyId), tea.IntValue(config.SessionExpiration), runtime)
	case "bearer":
		if tea.StringValue(config.BearerToken) == "" {
			err = errors.New("BearerToken cannot be empty")
			return
		}
		credential = newBearerTokenCredential(tea.StringValue(config.BearerToken))
	default:
		err = errors.New("Invalid type option, support: access_key, sts, ecs_ram_role, ram_role_arn, rsa_key_pair")
		return
	}
	return credential, nil
}

func checkRSAKeyPair(config *Config) (err error) {
	if tea.StringValue(config.PrivateKeyFile) == "" {
		err = errors.New("PrivateKeyFile cannot be empty")
		return
	}
	if tea.StringValue(config.PublicKeyId) == "" {
		err = errors.New("PublicKeyId cannot be empty")
		return
	}
	return
}

func checkoutAssumeRamoidc(config *Config) (err error) {
	if tea.StringValue(config.RoleArn) == "" {
		err = errors.New("RoleArn cannot be empty")
		return
	}
	if tea.StringValue(config.OIDCProviderArn) == "" {
		err = errors.New("OIDCProviderArn cannot be empty")
		return
	}
	return
}

func checkRAMRoleArn(config *Config) (err error) {
	if tea.StringValue(config.AccessKeySecret) == "" {
		err = errors.New("AccessKeySecret cannot be empty")
		return
	}
	if tea.StringValue(config.RoleArn) == "" {
		err = errors.New("RoleArn cannot be empty")
		return
	}
	if tea.StringValue(config.RoleSessionName) == "" {
		err = errors.New("RoleSessionName cannot be empty")
		return
	}
	if tea.StringValue(config.AccessKeyId) == "" {
		err = errors.New("AccessKeyId cannot be empty")
		return
	}
	return
}

func checkEcsRAMRole(config *Config) (err error) {
	return
}

func checkSTS(config *Config) (err error) {
	if tea.StringValue(config.AccessKeyId) == "" {
		err = errors.New("AccessKeyId cannot be empty")
		return
	}
	if tea.StringValue(config.AccessKeySecret) == "" {
		err = errors.New("AccessKeySecret cannot be empty")
		return
	}
	if tea.StringValue(config.SecurityToken) == "" {
		err = errors.New("SecurityToken cannot be empty")
		return
	}
	return
}

func checkAccessKey(config *Config) (err error) {
	if tea.StringValue(config.AccessKeyId) == "" {
		err = errors.New("AccessKeyId cannot be empty")
		return
	}
	if tea.StringValue(config.AccessKeySecret) == "" {
		err = errors.New("AccessKeySecret cannot be empty")
		return
	}
	return
}

func doAction(request *request.CommonRequest, runtime *utils.Runtime) (content []byte, err error) {
	var urlEncoded string
	if request.BodyParams != nil {
		urlEncoded = utils.GetURLFormedMap(request.BodyParams)
	}
	httpRequest, err := http.NewRequest(request.Method, request.URL, strings.NewReader(urlEncoded))
	if err != nil {
		return
	}
	httpRequest.Proto = "HTTP/1.1"
	httpRequest.Host = request.Domain
	debuglog("> %s %s %s", httpRequest.Method, httpRequest.URL.RequestURI(), httpRequest.Proto)
	debuglog("> Host: %s", httpRequest.Host)
	for key, value := range request.Headers {
		if value != "" {
			debuglog("> %s: %s", key, value)
			httpRequest.Header[key] = []string{value}
		}
	}
	debuglog(">")
	httpClient := &http.Client{}
	httpClient.Timeout = time.Duration(runtime.ReadTimeout) * time.Second
	proxy := &url.URL{}
	if runtime.Proxy != "" {
		proxy, err = url.Parse(runtime.Proxy)
		if err != nil {
			return
		}
	}
	trans := &http.Transport{}
	if proxy != nil && runtime.Proxy != "" {
		trans.Proxy = http.ProxyURL(proxy)
	}
	trans.DialContext = utils.Timeout(time.Duration(runtime.ConnectTimeout) * time.Second)
	httpClient.Transport = trans
	httpResponse, err := hookDo(httpClient.Do)(httpRequest)
	if err != nil {
		return
	}
	debuglog("< %s %s", httpResponse.Proto, httpResponse.Status)
	for key, value := range httpResponse.Header {
		debuglog("< %s: %v", key, strings.Join(value, ""))
	}
	debuglog("<")

	resp := &response.CommonResponse{}
	err = hookParse(resp.ParseFromHTTPResponse(httpResponse))
	if err != nil {
		return
	}
	debuglog("%s", resp.GetHTTPContentString())
	if resp.GetHTTPStatus() != http.StatusOK {
		err = fmt.Errorf("httpStatus: %d, message = %s", resp.GetHTTPStatus(), resp.GetHTTPContentString())
		return
	}
	return resp.GetHTTPContentBytes(), nil
}


1			package credentials
2
3			import (
4			"bufio"
5			"errors"
6			"fmt"
7			"net/http"
8			"net/url"
9			"os"
10			"strings"
11			"time"
12
13			"github.com/alibabacloud-go/debug/debug"
14			"github.com/alibabacloud-go/tea/tea"
15			"github.com/aliyun/credentials-go/credentials/request"
16			"github.com/aliyun/credentials-go/credentials/response"
17			"github.com/aliyun/credentials-go/credentials/utils"
18			)
19
20			var debuglog = debug.Init("credential")
21
22			var hookParse = func(err error) error {
23			return err
24			}
25
26			// Credential is an interface for getting actual credential
27			type Credential interface {
28			GetAccessKeyId() (*string, error)
29			GetAccessKeySecret() (*string, error)
30			GetSecurityToken() (*string, error)
31			GetBearerToken() *string
32			GetType() *string
33			}
34
35			// Config is important when call NewCredential
36			type Config struct {
37			Type *string `json:"type"`
38			AccessKeyId *string `json:"access_key_id"`
39			AccessKeySecret *string `json:"access_key_secret"`
40			OIDCProviderArn *string `json:"oidc_provider_arn"`
41			OIDCTokenFilePath *string `json:"oidc_token"`
42			RoleArn *string `json:"role_arn"`
43			RoleSessionName *string `json:"role_session_name"`
44			PublicKeyId *string `json:"public_key_id"`
45			RoleName *string `json:"role_name"`
46			SessionExpiration *int `json:"session_expiration"`
47			PrivateKeyFile *string `json:"private_key_file"`
48			BearerToken *string `json:"bearer_token"`
49			SecurityToken *string `json:"security_token"`
50			RoleSessionExpiration *int `json:"role_session_expiratioon"`
51			Policy *string `json:"policy"`
52			Host *string `json:"host"`
53			Timeout *int `json:"timeout"`
54			ConnectTimeout *int `json:"connect_timeout"`
55			Proxy *string `json:"proxy"`
56			InAdvanceScale *float64 `json:"inAdvanceScale"`
57			Url *string `json:"url"`
58			STSEndpoint *string `json:"sts_endpoint"`
59			}
60
61			func (s Config) String() string {
62			return tea.Prettify(s)
63			}
64
65			func (s Config) GoString() string {
66			return s.String()
67			}
68
69			func (s Config) SetAccessKeyId(v string) Config {
70			s.AccessKeyId = &v
71			return s
72			}
73
74			func (s Config) SetAccessKeySecret(v string) Config {
75			s.AccessKeySecret = &v
76			return s
77			}
78
79			func (s Config) SetSecurityToken(v string) Config {
80			s.SecurityToken = &v
81			return s
82			}
83
84			func (s Config) SetRoleArn(v string) Config {
85			s.RoleArn = &v
86			return s
87			}
88
89			func (s Config) SetRoleSessionName(v string) Config {
90			s.RoleSessionName = &v
91			return s
92			}
93
94			func (s Config) SetPublicKeyId(v string) Config {
95			s.PublicKeyId = &v
96			return s
97			}
98
99			func (s Config) SetRoleName(v string) Config {
100			s.RoleName = &v
101			return s
102			}
103
104			func (s Config) SetSessionExpiration(v int) Config {
105			s.SessionExpiration = &v
106			return s
107			}
108
109			func (s Config) SetPrivateKeyFile(v string) Config {
110			s.PrivateKeyFile = &v
111			return s
112			}
113
114			func (s Config) SetBearerToken(v string) Config {
115			s.BearerToken = &v
116			return s
117			}
118
119			func (s Config) SetRoleSessionExpiration(v int) Config {
120			s.RoleSessionExpiration = &v
121			return s
122			}
123
124			func (s Config) SetPolicy(v string) Config {
125			s.Policy = &v
126			return s
127			}
128
129			func (s Config) SetHost(v string) Config {
130			s.Host = &v
131			return s
132			}
133
134			func (s Config) SetTimeout(v int) Config {
135			s.Timeout = &v
136			return s
137			}
138
139			func (s Config) SetConnectTimeout(v int) Config {
140			s.ConnectTimeout = &v
141			return s
142			}
143
144			func (s Config) SetProxy(v string) Config {
145			s.Proxy = &v
146			return s
147			}
148
149			func (s Config) SetType(v string) Config {
150			s.Type = &v
151			return s
152			}
153
154			func (s Config) SetOIDCTokenFilePath(v string) Config {
155			s.OIDCTokenFilePath = &v
156			return s
157			}
158
159			func (s Config) SetOIDCProviderArn(v string) Config {
160			s.OIDCProviderArn = &v
161			return s
162			}
163
164			func (s Config) SetURLCredential(v string) Config {
165			if v == "" {
166			v = os.Getenv("ALIBABA_CLOUD_CREDENTIALS_URI")
167			}
168			s.Url = &v
169			return s
170			}
171
172			func (s Config) SetSTSEndpoint(v string) Config {
173			s.STSEndpoint = &v
174			return s
175			}
176
177			// NewCredential return a credential according to the type in config.
178			// if config is nil, the function will use default provider chain to get credential.
179			// please see README.md for detail.
180			func NewCredential(config *Config) (credential Credential, err error) {
181			if config == nil {
182			config, err = defaultChain.resolve()
183			if err != nil {
184			return
185			}
186			return NewCredential(config)
187			}
188			switch tea.StringValue(config.Type) {
189			case "credentials_uri":
190			credential = newURLCredential(tea.StringValue(config.Url))
191			case "oidc_role_arn":
192			err = checkoutAssumeRamoidc(config)
193			if err != nil {
194			return
195			}
196			runtime := &utils.Runtime{
197			Host: tea.StringValue(config.Host),
198			Proxy: tea.StringValue(config.Proxy),
199			ReadTimeout: tea.IntValue(config.Timeout),
200			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
201			STSEndpoint: tea.StringValue(config.STSEndpoint),
202			}
203			credential = newOIDCRoleArnCredential(tea.StringValue(config.AccessKeyId), tea.StringValue(config.AccessKeySecret), tea.StringValue(config.RoleArn), tea.StringValue(config.OIDCProviderArn), tea.StringValue(config.OIDCTokenFilePath), tea.StringValue(config.RoleSessionName), tea.StringValue(config.Policy), tea.IntValue(config.RoleSessionExpiration), runtime)
204			case "access_key":
205			err = checkAccessKey(config)
206			if err != nil {
207			return
208			}
209			credential = newAccessKeyCredential(tea.StringValue(config.AccessKeyId), tea.StringValue(config.AccessKeySecret))
210			case "sts":
211			err = checkSTS(config)
212			if err != nil {
213			return
214			}
215			credential = newStsTokenCredential(tea.StringValue(config.AccessKeyId), tea.StringValue(config.AccessKeySecret), tea.StringValue(config.SecurityToken))
216			case "ecs_ram_role":
217			checkEcsRAMRole(config)
218			runtime := &utils.Runtime{
219			Host: tea.StringValue(config.Host),
220			Proxy: tea.StringValue(config.Proxy),
221			ReadTimeout: tea.IntValue(config.Timeout),
222			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
223			}
224			credential = newEcsRAMRoleCredential(tea.StringValue(config.RoleName), tea.Float64Value(config.InAdvanceScale), runtime)
225			case "ram_role_arn":
226			err = checkRAMRoleArn(config)
227			if err != nil {
228			return
229			}
230			runtime := &utils.Runtime{
231			Host: tea.StringValue(config.Host),
232			Proxy: tea.StringValue(config.Proxy),
233			ReadTimeout: tea.IntValue(config.Timeout),
234			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
235			STSEndpoint: tea.StringValue(config.STSEndpoint),
236			}
237			credential = newRAMRoleArnCredential(tea.StringValue(config.AccessKeyId), tea.StringValue(config.AccessKeySecret), tea.StringValue(config.RoleArn), tea.StringValue(config.RoleSessionName), tea.StringValue(config.Policy), tea.IntValue(config.RoleSessionExpiration), runtime)
238			case "rsa_key_pair":
239			err = checkRSAKeyPair(config)
240			if err != nil {
241			return
242			}
243			file, err1 := os.Open(tea.StringValue(config.PrivateKeyFile))
244			if err1 != nil {
245			err = fmt.Errorf("InvalidPath: Can not open PrivateKeyFile, err is %s", err1.Error())
246			return
247			}
248			defer file.Close()
249			var privateKey string
250			scan := bufio.NewScanner(file)
251			for scan.Scan() {
252			if strings.HasPrefix(scan.Text(), "----") {
253			continue
254			}
255			privateKey += scan.Text() + "\n"
256			}
257			runtime := &utils.Runtime{
258			Host: tea.StringValue(config.Host),
259			Proxy: tea.StringValue(config.Proxy),
260			ReadTimeout: tea.IntValue(config.Timeout),
261			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
262			STSEndpoint: tea.StringValue(config.STSEndpoint),
263			}
264			credential = newRsaKeyPairCredential(privateKey, tea.StringValue(config.PublicKeyId), tea.IntValue(config.SessionExpiration), runtime)
265			case "bearer":
266			if tea.StringValue(config.BearerToken) == "" {
267			err = errors.New("BearerToken cannot be empty")
268			return
269			}
270			credential = newBearerTokenCredential(tea.StringValue(config.BearerToken))
271			default:
272			err = errors.New("Invalid type option, support: access_key, sts, ecs_ram_role, ram_role_arn, rsa_key_pair")
273			return
274			}
275			return credential, nil
276			}
277
278			func checkRSAKeyPair(config *Config) (err error) {
279			if tea.StringValue(config.PrivateKeyFile) == "" {
280			err = errors.New("PrivateKeyFile cannot be empty")
281			return
282			}
283			if tea.StringValue(config.PublicKeyId) == "" {
284			err = errors.New("PublicKeyId cannot be empty")
285			return
286			}
287			return
288			}
289
290			func checkoutAssumeRamoidc(config *Config) (err error) {
291			if tea.StringValue(config.RoleArn) == "" {
292			err = errors.New("RoleArn cannot be empty")
293			return
294			}
295			if tea.StringValue(config.OIDCProviderArn) == "" {
296			err = errors.New("OIDCProviderArn cannot be empty")
297			return
298			}
299			return
300			}
301
302			func checkRAMRoleArn(config *Config) (err error) {
303			if tea.StringValue(config.AccessKeySecret) == "" {
304			err = errors.New("AccessKeySecret cannot be empty")
305			return
306			}
307			if tea.StringValue(config.RoleArn) == "" {
308			err = errors.New("RoleArn cannot be empty")
309			return
310			}
311			if tea.StringValue(config.RoleSessionName) == "" {
312			err = errors.New("RoleSessionName cannot be empty")
313			return
314			}
315			if tea.StringValue(config.AccessKeyId) == "" {
316			err = errors.New("AccessKeyId cannot be empty")
317			return
318			}
319			return
320			}
321
322			func checkEcsRAMRole(config *Config) (err error) {
323			return
324			}
325
326			func checkSTS(config *Config) (err error) {
327			if tea.StringValue(config.AccessKeyId) == "" {
328			err = errors.New("AccessKeyId cannot be empty")
329			return
330			}
331			if tea.StringValue(config.AccessKeySecret) == "" {
332			err = errors.New("AccessKeySecret cannot be empty")
333			return
334			}
335			if tea.StringValue(config.SecurityToken) == "" {
336			err = errors.New("SecurityToken cannot be empty")
337			return
338			}
339			return
340			}
341
342			func checkAccessKey(config *Config) (err error) {
343			if tea.StringValue(config.AccessKeyId) == "" {
344			err = errors.New("AccessKeyId cannot be empty")
345			return
346			}
347			if tea.StringValue(config.AccessKeySecret) == "" {
348			err = errors.New("AccessKeySecret cannot be empty")
349			return
350			}
351			return
352			}
353
354			func doAction(request request.CommonRequest, runtime utils.Runtime) (content []byte, err error) {
355			var urlEncoded string
356			if request.BodyParams != nil {
357			urlEncoded = utils.GetURLFormedMap(request.BodyParams)
358			}
359			httpRequest, err := http.NewRequest(request.Method, request.URL, strings.NewReader(urlEncoded))
360			if err != nil {
361			return
362			}
363			httpRequest.Proto = "HTTP/1.1"
364			httpRequest.Host = request.Domain
365			debuglog("> %s %s %s", httpRequest.Method, httpRequest.URL.RequestURI(), httpRequest.Proto)
366			debuglog("> Host: %s", httpRequest.Host)
367			for key, value := range request.Headers {
368			if value != "" {
369			debuglog("> %s: %s", key, value)
370			httpRequest.Header[key] = []string{value}
371			}
372			}
373			debuglog(">")
374			httpClient := &http.Client{}
375			httpClient.Timeout = time.Duration(runtime.ReadTimeout) * time.Second
376			proxy := &url.URL{}
377			if runtime.Proxy != "" {
378			proxy, err = url.Parse(runtime.Proxy)
379			if err != nil {
380			return
381			}
382			}
383			trans := &http.Transport{}
384			if proxy != nil && runtime.Proxy != "" {
385			trans.Proxy = http.ProxyURL(proxy)
386			}
387			trans.DialContext = utils.Timeout(time.Duration(runtime.ConnectTimeout) * time.Second)
388			httpClient.Transport = trans
389			httpResponse, err := hookDo(httpClient.Do)(httpRequest)
390			if err != nil {
391			return
392			}
393			debuglog("< %s %s", httpResponse.Proto, httpResponse.Status)
394			for key, value := range httpResponse.Header {
395			debuglog("< %s: %v", key, strings.Join(value, ""))
396			}
397			debuglog("<")
398
399			resp := &response.CommonResponse{}
400			err = hookParse(resp.ParseFromHTTPResponse(httpResponse))
401			if err != nil {
402			return
403			}
404			debuglog("%s", resp.GetHTTPContentString())
405			if resp.GetHTTPStatus() != http.StatusOK {
406			err = fmt.Errorf("httpStatus: %d, message = %s", resp.GetHTTPStatus(), resp.GetHTTPContentString())
407			return
408			}
409			return resp.GetHTTPContentBytes(), nil
410			}
411

aliyun / credentials-go

GitHub Access Token became invalid

Push — master ( 268a44...ca9459 )

credentials/credential.go F

Size/Duplication

Importance

31 Methods

Duplication Side-by-Side

Filter issues like