credentials.*Config.SetAccessKeySecret - Code Metrics - Inspection of "docs: update IMDSv2 doc for ecs ram role" - aliyun/credentials-go - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 461384...5f7217 )

unknown

created 2024-05-24 03:59 UTC

credentials.*Config.SetAccessKeySecret A

↳ Parent: credentials/credential.go

Complexity

Conditions

Size

Total Lines	3
Code Lines	3

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	1
eloc	3
nop	1
dl	0
loc	3
rs	10
c	0
b	0
f	0

package credentials

import (
	"bufio"
	"errors"
	"fmt"
	"net/http"
	"net/url"
	"os"
	"strings"
	"time"

	"github.com/alibabacloud-go/debug/debug"
	"github.com/alibabacloud-go/tea/tea"
	"github.com/aliyun/credentials-go/credentials/request"
	"github.com/aliyun/credentials-go/credentials/response"
	"github.com/aliyun/credentials-go/credentials/utils"
)

var debuglog = debug.Init("credential")

var hookParse = func(err error) error {
	return err
}

// Credential is an interface for getting actual credential
type Credential interface {
	// Deprecated: GetAccessKeyId is deprecated, use GetCredential instead of.
	GetAccessKeyId() (*string, error)
	// Deprecated: GetAccessKeySecret is deprecated, use GetCredential instead of.
	GetAccessKeySecret() (*string, error)
	// Deprecated: GetSecurityToken is deprecated, use GetCredential instead of.
	GetSecurityToken() (*string, error)
	GetBearerToken() *string
	GetType() *string
	GetCredential() (*CredentialModel, error)
}

// Config is important when call NewCredential
type Config struct {
	Type                  *string  `json:"type"`
	AccessKeyId           *string  `json:"access_key_id"`
	AccessKeySecret       *string  `json:"access_key_secret"`
	OIDCProviderArn       *string  `json:"oidc_provider_arn"`
	OIDCTokenFilePath     *string  `json:"oidc_token"`
	RoleArn               *string  `json:"role_arn"`
	RoleSessionName       *string  `json:"role_session_name"`
	PublicKeyId           *string  `json:"public_key_id"`
	RoleName              *string  `json:"role_name"`
	EnableIMDSv2          *bool    `json:"enable_imds_v2"`
	MetadataTokenDuration *int     `json:"metadata_token_duration"`
	SessionExpiration     *int     `json:"session_expiration"`
	PrivateKeyFile        *string  `json:"private_key_file"`
	BearerToken           *string  `json:"bearer_token"`
	SecurityToken         *string  `json:"security_token"`
	RoleSessionExpiration *int     `json:"role_session_expiratioon"`
	Policy                *string  `json:"policy"`
	Host                  *string  `json:"host"`
	Timeout               *int     `json:"timeout"`
	ConnectTimeout        *int     `json:"connect_timeout"`
	Proxy                 *string  `json:"proxy"`
	InAdvanceScale        *float64 `json:"inAdvanceScale"`
	Url                   *string  `json:"url"`
	STSEndpoint           *string  `json:"sts_endpoint"`
	ExternalId            *string  `json:"external_id"`
}

func (s Config) String() string {
	return tea.Prettify(s)
}

func (s Config) GoString() string {
	return s.String()
}

func (s *Config) SetAccessKeyId(v string) *Config {
	s.AccessKeyId = &v
	return s
}

func (s *Config) SetAccessKeySecret(v string) *Config {
	s.AccessKeySecret = &v
	return s
}

func (s *Config) SetSecurityToken(v string) *Config {
	s.SecurityToken = &v
	return s
}

func (s *Config) SetRoleArn(v string) *Config {
	s.RoleArn = &v
	return s
}

func (s *Config) SetRoleSessionName(v string) *Config {
	s.RoleSessionName = &v
	return s
}

func (s *Config) SetPublicKeyId(v string) *Config {
	s.PublicKeyId = &v
	return s
}

func (s *Config) SetRoleName(v string) *Config {
	s.RoleName = &v
	return s
}

func (s *Config) SetEnableIMDSv2(v bool) *Config {
	s.EnableIMDSv2 = &v
	return s
}

func (s *Config) SetMetadataTokenDuration(v int) *Config {
	s.MetadataTokenDuration = &v
	return s
}

func (s *Config) SetSessionExpiration(v int) *Config {
	s.SessionExpiration = &v
	return s
}

func (s *Config) SetPrivateKeyFile(v string) *Config {
	s.PrivateKeyFile = &v
	return s
}

func (s *Config) SetBearerToken(v string) *Config {
	s.BearerToken = &v
	return s
}

func (s *Config) SetRoleSessionExpiration(v int) *Config {
	s.RoleSessionExpiration = &v
	return s
}

func (s *Config) SetPolicy(v string) *Config {
	s.Policy = &v
	return s
}

func (s *Config) SetHost(v string) *Config {
	s.Host = &v
	return s
}

func (s *Config) SetTimeout(v int) *Config {
	s.Timeout = &v
	return s
}

func (s *Config) SetConnectTimeout(v int) *Config {
	s.ConnectTimeout = &v
	return s
}

func (s *Config) SetProxy(v string) *Config {
	s.Proxy = &v
	return s
}

func (s *Config) SetType(v string) *Config {
	s.Type = &v
	return s
}

func (s *Config) SetOIDCTokenFilePath(v string) *Config {
	s.OIDCTokenFilePath = &v
	return s
}

func (s *Config) SetOIDCProviderArn(v string) *Config {
	s.OIDCProviderArn = &v
	return s
}

func (s *Config) SetURLCredential(v string) *Config {
	if v == "" {
		v = os.Getenv("ALIBABA_CLOUD_CREDENTIALS_URI")
	}
	s.Url = &v
	return s
}

func (s *Config) SetSTSEndpoint(v string) *Config {
	s.STSEndpoint = &v
	return s
}

// NewCredential return a credential according to the type in config.
// if config is nil, the function will use default provider chain to get credential.
// please see README.md for detail.
func NewCredential(config *Config) (credential Credential, err error) {
	if config == nil {
		config, err = defaultChain.resolve()
		if err != nil {
			return
		}
		return NewCredential(config)
	}
	switch tea.StringValue(config.Type) {
	case "credentials_uri":
		credential = newURLCredential(tea.StringValue(config.Url))
	case "oidc_role_arn":
		err = checkoutAssumeRamoidc(config)
		if err != nil {
			return
		}
		runtime := &utils.Runtime{
			Host:           tea.StringValue(config.Host),
			Proxy:          tea.StringValue(config.Proxy),
			ReadTimeout:    tea.IntValue(config.Timeout),
			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
			STSEndpoint:    tea.StringValue(config.STSEndpoint),
		}
		credential = newOIDCRoleArnCredential(
			tea.StringValue(config.AccessKeyId),
			tea.StringValue(config.AccessKeySecret),
			tea.StringValue(config.RoleArn),
			tea.StringValue(config.OIDCProviderArn),
			tea.StringValue(config.OIDCTokenFilePath),
			tea.StringValue(config.RoleSessionName),
			tea.StringValue(config.Policy),
			tea.IntValue(config.RoleSessionExpiration),
			runtime)
	case "access_key":
		err = checkAccessKey(config)
		if err != nil {
			return
		}
		credential = newAccessKeyCredential(
			tea.StringValue(config.AccessKeyId),
			tea.StringValue(config.AccessKeySecret))
	case "sts":
		err = checkSTS(config)
		if err != nil {
			return
		}
		credential = newStsTokenCredential(
			tea.StringValue(config.AccessKeyId),
			tea.StringValue(config.AccessKeySecret),
			tea.StringValue(config.SecurityToken))
	case "ecs_ram_role":
		checkEcsRAMRole(config)
		runtime := &utils.Runtime{
			Host:           tea.StringValue(config.Host),
			Proxy:          tea.StringValue(config.Proxy),
			ReadTimeout:    tea.IntValue(config.Timeout),
			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
		}
		credential = newEcsRAMRoleCredentialWithEnableIMDSv2(
			tea.StringValue(config.RoleName),
			tea.BoolValue(config.EnableIMDSv2),
			tea.IntValue(config.MetadataTokenDuration),
			tea.Float64Value(config.InAdvanceScale),
			runtime)
	case "ram_role_arn":
		err = checkRAMRoleArn(config)
		if err != nil {
			return
		}
		runtime := &utils.Runtime{
			Host:           tea.StringValue(config.Host),
			Proxy:          tea.StringValue(config.Proxy),
			ReadTimeout:    tea.IntValue(config.Timeout),
			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
			STSEndpoint:    tea.StringValue(config.STSEndpoint),
		}
		credential = newRAMRoleArnWithExternalIdCredential(
			tea.StringValue(config.AccessKeyId),
			tea.StringValue(config.AccessKeySecret),
			tea.StringValue(config.RoleArn),
			tea.StringValue(config.RoleSessionName),
			tea.StringValue(config.Policy),
			tea.IntValue(config.RoleSessionExpiration),
			tea.StringValue(config.ExternalId),
			runtime)
	case "rsa_key_pair":
		err = checkRSAKeyPair(config)
		if err != nil {
			return
		}
		file, err1 := os.Open(tea.StringValue(config.PrivateKeyFile))
		if err1 != nil {
			err = fmt.Errorf("InvalidPath: Can not open PrivateKeyFile, err is %s", err1.Error())
			return
		}
		defer file.Close()
		var privateKey string
		scan := bufio.NewScanner(file)
		for scan.Scan() {
			if strings.HasPrefix(scan.Text(), "----") {
				continue
			}
			privateKey += scan.Text() + "\n"
		}
		runtime := &utils.Runtime{
			Host:           tea.StringValue(config.Host),
			Proxy:          tea.StringValue(config.Proxy),
			ReadTimeout:    tea.IntValue(config.Timeout),
			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
			STSEndpoint:    tea.StringValue(config.STSEndpoint),
		}
		credential = newRsaKeyPairCredential(
			privateKey,
			tea.StringValue(config.PublicKeyId),
			tea.IntValue(config.SessionExpiration),
			runtime)
	case "bearer":
		if tea.StringValue(config.BearerToken) == "" {
			err = errors.New("BearerToken cannot be empty")
			return
		}
		credential = newBearerTokenCredential(tea.StringValue(config.BearerToken))
	default:
		err = errors.New("Invalid type option, support: access_key, sts, ecs_ram_role, ram_role_arn, rsa_key_pair")
		return
	}
	return credential, nil
}

func checkRSAKeyPair(config *Config) (err error) {
	if tea.StringValue(config.PrivateKeyFile) == "" {
		err = errors.New("PrivateKeyFile cannot be empty")
		return
	}
	if tea.StringValue(config.PublicKeyId) == "" {
		err = errors.New("PublicKeyId cannot be empty")
		return
	}
	return
}

func checkoutAssumeRamoidc(config *Config) (err error) {
	if tea.StringValue(config.RoleArn) == "" {
		err = errors.New("RoleArn cannot be empty")
		return
	}
	if tea.StringValue(config.OIDCProviderArn) == "" {
		err = errors.New("OIDCProviderArn cannot be empty")
		return
	}
	return
}

func checkRAMRoleArn(config *Config) (err error) {
	if tea.StringValue(config.AccessKeyId) == "" {
		err = errors.New("AccessKeyId cannot be empty")
		return
	}

	if tea.StringValue(config.AccessKeySecret) == "" {
		err = errors.New("AccessKeySecret cannot be empty")
		return
	}

	if tea.StringValue(config.RoleArn) == "" {
		err = errors.New("RoleArn cannot be empty")
		return
	}

	if tea.StringValue(config.RoleSessionName) == "" {
		err = errors.New("RoleSessionName cannot be empty")
		return
	}

	return
}

func checkEcsRAMRole(config *Config) (err error) {
	return
}

func checkSTS(config *Config) (err error) {
	if tea.StringValue(config.AccessKeyId) == "" {
		err = errors.New("AccessKeyId cannot be empty")
		return
	}
	if tea.StringValue(config.AccessKeySecret) == "" {
		err = errors.New("AccessKeySecret cannot be empty")
		return
	}
	if tea.StringValue(config.SecurityToken) == "" {
		err = errors.New("SecurityToken cannot be empty")
		return
	}
	return
}

func checkAccessKey(config *Config) (err error) {
	if tea.StringValue(config.AccessKeyId) == "" {
		err = errors.New("AccessKeyId cannot be empty")
		return
	}
	if tea.StringValue(config.AccessKeySecret) == "" {
		err = errors.New("AccessKeySecret cannot be empty")
		return
	}
	return
}

func doAction(request *request.CommonRequest, runtime *utils.Runtime) (content []byte, err error) {
	var urlEncoded string
	if request.BodyParams != nil {
		urlEncoded = utils.GetURLFormedMap(request.BodyParams)
	}
	httpRequest, err := http.NewRequest(request.Method, request.URL, strings.NewReader(urlEncoded))
	if err != nil {
		return
	}
	httpRequest.Proto = "HTTP/1.1"
	httpRequest.Host = request.Domain
	debuglog("> %s %s %s", httpRequest.Method, httpRequest.URL.RequestURI(), httpRequest.Proto)
	debuglog("> Host: %s", httpRequest.Host)
	for key, value := range request.Headers {
		if value != "" {
			debuglog("> %s: %s", key, value)
			httpRequest.Header[key] = []string{value}
		}
	}
	debuglog(">")
	httpClient := &http.Client{}
	httpClient.Timeout = time.Duration(runtime.ReadTimeout) * time.Second
	proxy := &url.URL{}
	if runtime.Proxy != "" {
		proxy, err = url.Parse(runtime.Proxy)
		if err != nil {
			return
		}
	}
	trans := &http.Transport{}
	if proxy != nil && runtime.Proxy != "" {
		trans.Proxy = http.ProxyURL(proxy)
	}
	trans.DialContext = utils.Timeout(time.Duration(runtime.ConnectTimeout) * time.Second)
	httpClient.Transport = trans
	httpResponse, err := hookDo(httpClient.Do)(httpRequest)
	if err != nil {
		return
	}
	debuglog("< %s %s", httpResponse.Proto, httpResponse.Status)
	for key, value := range httpResponse.Header {
		debuglog("< %s: %v", key, strings.Join(value, ""))
	}
	debuglog("<")

	resp := &response.CommonResponse{}
	err = hookParse(resp.ParseFromHTTPResponse(httpResponse))
	if err != nil {
		return
	}
	debuglog("%s", resp.GetHTTPContentString())
	if resp.GetHTTPStatus() != http.StatusOK {
		err = fmt.Errorf("httpStatus: %d, message = %s", resp.GetHTTPStatus(), resp.GetHTTPContentString())
		return
	}
	return resp.GetHTTPContentBytes(), nil
}


1			package credentials
2
3			import (
4			"bufio"
5			"errors"
6			"fmt"
7			"net/http"
8			"net/url"
9			"os"
10			"strings"
11			"time"
12
13			"github.com/alibabacloud-go/debug/debug"
14			"github.com/alibabacloud-go/tea/tea"
15			"github.com/aliyun/credentials-go/credentials/request"
16			"github.com/aliyun/credentials-go/credentials/response"
17			"github.com/aliyun/credentials-go/credentials/utils"
18			)
19
20			var debuglog = debug.Init("credential")
21
22			var hookParse = func(err error) error {
23			return err
24			}
25
26			// Credential is an interface for getting actual credential
27			type Credential interface {
28			// Deprecated: GetAccessKeyId is deprecated, use GetCredential instead of.
29			GetAccessKeyId() (*string, error)
30			// Deprecated: GetAccessKeySecret is deprecated, use GetCredential instead of.
31			GetAccessKeySecret() (*string, error)
32			// Deprecated: GetSecurityToken is deprecated, use GetCredential instead of.
33			GetSecurityToken() (*string, error)
34			GetBearerToken() *string
35			GetType() *string
36			GetCredential() (*CredentialModel, error)
37			}
38
39			// Config is important when call NewCredential
40			type Config struct {
41			Type *string `json:"type"`
42			AccessKeyId *string `json:"access_key_id"`
43			AccessKeySecret *string `json:"access_key_secret"`
44			OIDCProviderArn *string `json:"oidc_provider_arn"`
45			OIDCTokenFilePath *string `json:"oidc_token"`
46			RoleArn *string `json:"role_arn"`
47			RoleSessionName *string `json:"role_session_name"`
48			PublicKeyId *string `json:"public_key_id"`
49			RoleName *string `json:"role_name"`
50			EnableIMDSv2 *bool `json:"enable_imds_v2"`
51			MetadataTokenDuration *int `json:"metadata_token_duration"`
52			SessionExpiration *int `json:"session_expiration"`
53			PrivateKeyFile *string `json:"private_key_file"`
54			BearerToken *string `json:"bearer_token"`
55			SecurityToken *string `json:"security_token"`
56			RoleSessionExpiration *int `json:"role_session_expiratioon"`
57			Policy *string `json:"policy"`
58			Host *string `json:"host"`
59			Timeout *int `json:"timeout"`
60			ConnectTimeout *int `json:"connect_timeout"`
61			Proxy *string `json:"proxy"`
62			InAdvanceScale *float64 `json:"inAdvanceScale"`
63			Url *string `json:"url"`
64			STSEndpoint *string `json:"sts_endpoint"`
65			ExternalId *string `json:"external_id"`
66			}
67
68			func (s Config) String() string {
69			return tea.Prettify(s)
70			}
71
72			func (s Config) GoString() string {
73			return s.String()
74			}
75
76			func (s Config) SetAccessKeyId(v string) Config {
77			s.AccessKeyId = &v
78			return s
79			}
80
81			func (s Config) SetAccessKeySecret(v string) Config {
82			s.AccessKeySecret = &v
83			return s
84			}
85
86			func (s Config) SetSecurityToken(v string) Config {
87			s.SecurityToken = &v
88			return s
89			}
90
91			func (s Config) SetRoleArn(v string) Config {
92			s.RoleArn = &v
93			return s
94			}
95
96			func (s Config) SetRoleSessionName(v string) Config {
97			s.RoleSessionName = &v
98			return s
99			}
100
101			func (s Config) SetPublicKeyId(v string) Config {
102			s.PublicKeyId = &v
103			return s
104			}
105
106			func (s Config) SetRoleName(v string) Config {
107			s.RoleName = &v
108			return s
109			}
110
111			func (s Config) SetEnableIMDSv2(v bool) Config {
112			s.EnableIMDSv2 = &v
113			return s
114			}
115
116			func (s Config) SetMetadataTokenDuration(v int) Config {
117			s.MetadataTokenDuration = &v
118			return s
119			}
120
121			func (s Config) SetSessionExpiration(v int) Config {
122			s.SessionExpiration = &v
123			return s
124			}
125
126			func (s Config) SetPrivateKeyFile(v string) Config {
127			s.PrivateKeyFile = &v
128			return s
129			}
130
131			func (s Config) SetBearerToken(v string) Config {
132			s.BearerToken = &v
133			return s
134			}
135
136			func (s Config) SetRoleSessionExpiration(v int) Config {
137			s.RoleSessionExpiration = &v
138			return s
139			}
140
141			func (s Config) SetPolicy(v string) Config {
142			s.Policy = &v
143			return s
144			}
145
146			func (s Config) SetHost(v string) Config {
147			s.Host = &v
148			return s
149			}
150
151			func (s Config) SetTimeout(v int) Config {
152			s.Timeout = &v
153			return s
154			}
155
156			func (s Config) SetConnectTimeout(v int) Config {
157			s.ConnectTimeout = &v
158			return s
159			}
160
161			func (s Config) SetProxy(v string) Config {
162			s.Proxy = &v
163			return s
164			}
165
166			func (s Config) SetType(v string) Config {
167			s.Type = &v
168			return s
169			}
170
171			func (s Config) SetOIDCTokenFilePath(v string) Config {
172			s.OIDCTokenFilePath = &v
173			return s
174			}
175
176			func (s Config) SetOIDCProviderArn(v string) Config {
177			s.OIDCProviderArn = &v
178			return s
179			}
180
181			func (s Config) SetURLCredential(v string) Config {
182			if v == "" {
183			v = os.Getenv("ALIBABA_CLOUD_CREDENTIALS_URI")
184			}
185			s.Url = &v
186			return s
187			}
188
189			func (s Config) SetSTSEndpoint(v string) Config {
190			s.STSEndpoint = &v
191			return s
192			}
193
194			// NewCredential return a credential according to the type in config.
195			// if config is nil, the function will use default provider chain to get credential.
196			// please see README.md for detail.
197			func NewCredential(config *Config) (credential Credential, err error) {
198			if config == nil {
199			config, err = defaultChain.resolve()
200			if err != nil {
201			return
202			}
203			return NewCredential(config)
204			}
205			switch tea.StringValue(config.Type) {
206			case "credentials_uri":
207			credential = newURLCredential(tea.StringValue(config.Url))
208			case "oidc_role_arn":
209			err = checkoutAssumeRamoidc(config)
210			if err != nil {
211			return
212			}
213			runtime := &utils.Runtime{
214			Host: tea.StringValue(config.Host),
215			Proxy: tea.StringValue(config.Proxy),
216			ReadTimeout: tea.IntValue(config.Timeout),
217			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
218			STSEndpoint: tea.StringValue(config.STSEndpoint),
219			}
220			credential = newOIDCRoleArnCredential(
221			tea.StringValue(config.AccessKeyId),
222			tea.StringValue(config.AccessKeySecret),
223			tea.StringValue(config.RoleArn),
224			tea.StringValue(config.OIDCProviderArn),
225			tea.StringValue(config.OIDCTokenFilePath),
226			tea.StringValue(config.RoleSessionName),
227			tea.StringValue(config.Policy),
228			tea.IntValue(config.RoleSessionExpiration),
229			runtime)
230			case "access_key":
231			err = checkAccessKey(config)
232			if err != nil {
233			return
234			}
235			credential = newAccessKeyCredential(
236			tea.StringValue(config.AccessKeyId),
237			tea.StringValue(config.AccessKeySecret))
238			case "sts":
239			err = checkSTS(config)
240			if err != nil {
241			return
242			}
243			credential = newStsTokenCredential(
244			tea.StringValue(config.AccessKeyId),
245			tea.StringValue(config.AccessKeySecret),
246			tea.StringValue(config.SecurityToken))
247			case "ecs_ram_role":
248			checkEcsRAMRole(config)
249			runtime := &utils.Runtime{
250			Host: tea.StringValue(config.Host),
251			Proxy: tea.StringValue(config.Proxy),
252			ReadTimeout: tea.IntValue(config.Timeout),
253			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
254			}
255			credential = newEcsRAMRoleCredentialWithEnableIMDSv2(
256			tea.StringValue(config.RoleName),
257			tea.BoolValue(config.EnableIMDSv2),
258			tea.IntValue(config.MetadataTokenDuration),
259			tea.Float64Value(config.InAdvanceScale),
260			runtime)
261			case "ram_role_arn":
262			err = checkRAMRoleArn(config)
263			if err != nil {
264			return
265			}
266			runtime := &utils.Runtime{
267			Host: tea.StringValue(config.Host),
268			Proxy: tea.StringValue(config.Proxy),
269			ReadTimeout: tea.IntValue(config.Timeout),
270			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
271			STSEndpoint: tea.StringValue(config.STSEndpoint),
272			}
273			credential = newRAMRoleArnWithExternalIdCredential(
274			tea.StringValue(config.AccessKeyId),
275			tea.StringValue(config.AccessKeySecret),
276			tea.StringValue(config.RoleArn),
277			tea.StringValue(config.RoleSessionName),
278			tea.StringValue(config.Policy),
279			tea.IntValue(config.RoleSessionExpiration),
280			tea.StringValue(config.ExternalId),
281			runtime)
282			case "rsa_key_pair":
283			err = checkRSAKeyPair(config)
284			if err != nil {
285			return
286			}
287			file, err1 := os.Open(tea.StringValue(config.PrivateKeyFile))
288			if err1 != nil {
289			err = fmt.Errorf("InvalidPath: Can not open PrivateKeyFile, err is %s", err1.Error())
290			return
291			}
292			defer file.Close()
293			var privateKey string
294			scan := bufio.NewScanner(file)
295			for scan.Scan() {
296			if strings.HasPrefix(scan.Text(), "----") {
297			continue
298			}
299			privateKey += scan.Text() + "\n"
300			}
301			runtime := &utils.Runtime{
302			Host: tea.StringValue(config.Host),
303			Proxy: tea.StringValue(config.Proxy),
304			ReadTimeout: tea.IntValue(config.Timeout),
305			ConnectTimeout: tea.IntValue(config.ConnectTimeout),
306			STSEndpoint: tea.StringValue(config.STSEndpoint),
307			}
308			credential = newRsaKeyPairCredential(
309			privateKey,
310			tea.StringValue(config.PublicKeyId),
311			tea.IntValue(config.SessionExpiration),
312			runtime)
313			case "bearer":
314			if tea.StringValue(config.BearerToken) == "" {
315			err = errors.New("BearerToken cannot be empty")
316			return
317			}
318			credential = newBearerTokenCredential(tea.StringValue(config.BearerToken))
319			default:
320			err = errors.New("Invalid type option, support: access_key, sts, ecs_ram_role, ram_role_arn, rsa_key_pair")
321			return
322			}
323			return credential, nil
324			}
325
326			func checkRSAKeyPair(config *Config) (err error) {
327			if tea.StringValue(config.PrivateKeyFile) == "" {
328			err = errors.New("PrivateKeyFile cannot be empty")
329			return
330			}
331			if tea.StringValue(config.PublicKeyId) == "" {
332			err = errors.New("PublicKeyId cannot be empty")
333			return
334			}
335			return
336			}
337
338			func checkoutAssumeRamoidc(config *Config) (err error) {
339			if tea.StringValue(config.RoleArn) == "" {
340			err = errors.New("RoleArn cannot be empty")
341			return
342			}
343			if tea.StringValue(config.OIDCProviderArn) == "" {
344			err = errors.New("OIDCProviderArn cannot be empty")
345			return
346			}
347			return
348			}
349
350			func checkRAMRoleArn(config *Config) (err error) {
351			if tea.StringValue(config.AccessKeyId) == "" {
352			err = errors.New("AccessKeyId cannot be empty")
353			return
354			}
355
356			if tea.StringValue(config.AccessKeySecret) == "" {
357			err = errors.New("AccessKeySecret cannot be empty")
358			return
359			}
360
361			if tea.StringValue(config.RoleArn) == "" {
362			err = errors.New("RoleArn cannot be empty")
363			return
364			}
365
366			if tea.StringValue(config.RoleSessionName) == "" {
367			err = errors.New("RoleSessionName cannot be empty")
368			return
369			}
370
371			return
372			}
373
374			func checkEcsRAMRole(config *Config) (err error) {
375			return
376			}
377
378			func checkSTS(config *Config) (err error) {
379			if tea.StringValue(config.AccessKeyId) == "" {
380			err = errors.New("AccessKeyId cannot be empty")
381			return
382			}
383			if tea.StringValue(config.AccessKeySecret) == "" {
384			err = errors.New("AccessKeySecret cannot be empty")
385			return
386			}
387			if tea.StringValue(config.SecurityToken) == "" {
388			err = errors.New("SecurityToken cannot be empty")
389			return
390			}
391			return
392			}
393
394			func checkAccessKey(config *Config) (err error) {
395			if tea.StringValue(config.AccessKeyId) == "" {
396			err = errors.New("AccessKeyId cannot be empty")
397			return
398			}
399			if tea.StringValue(config.AccessKeySecret) == "" {
400			err = errors.New("AccessKeySecret cannot be empty")
401			return
402			}
403			return
404			}
405
406			func doAction(request request.CommonRequest, runtime utils.Runtime) (content []byte, err error) {
407			var urlEncoded string
408			if request.BodyParams != nil {
409			urlEncoded = utils.GetURLFormedMap(request.BodyParams)
410			}
411			httpRequest, err := http.NewRequest(request.Method, request.URL, strings.NewReader(urlEncoded))
412			if err != nil {
413			return
414			}
415			httpRequest.Proto = "HTTP/1.1"
416			httpRequest.Host = request.Domain
417			debuglog("> %s %s %s", httpRequest.Method, httpRequest.URL.RequestURI(), httpRequest.Proto)
418			debuglog("> Host: %s", httpRequest.Host)
419			for key, value := range request.Headers {
420			if value != "" {
421			debuglog("> %s: %s", key, value)
422			httpRequest.Header[key] = []string{value}
423			}
424			}
425			debuglog(">")
426			httpClient := &http.Client{}
427			httpClient.Timeout = time.Duration(runtime.ReadTimeout) * time.Second
428			proxy := &url.URL{}
429			if runtime.Proxy != "" {
430			proxy, err = url.Parse(runtime.Proxy)
431			if err != nil {
432			return
433			}
434			}
435			trans := &http.Transport{}
436			if proxy != nil && runtime.Proxy != "" {
437			trans.Proxy = http.ProxyURL(proxy)
438			}
439			trans.DialContext = utils.Timeout(time.Duration(runtime.ConnectTimeout) * time.Second)
440			httpClient.Transport = trans
441			httpResponse, err := hookDo(httpClient.Do)(httpRequest)
442			if err != nil {
443			return
444			}
445			debuglog("< %s %s", httpResponse.Proto, httpResponse.Status)
446			for key, value := range httpResponse.Header {
447			debuglog("< %s: %v", key, strings.Join(value, ""))
448			}
449			debuglog("<")
450
451			resp := &response.CommonResponse{}
452			err = hookParse(resp.ParseFromHTTPResponse(httpResponse))
453			if err != nil {
454			return
455			}
456			debuglog("%s", resp.GetHTTPContentString())
457			if resp.GetHTTPStatus() != http.StatusOK {
458			err = fmt.Errorf("httpStatus: %d, message = %s", resp.GetHTTPStatus(), resp.GetHTTPContentString())
459			return
460			}
461			return resp.GetHTTPContentBytes(), nil
462			}
463

aliyun / credentials-go

GitHub Access Token became invalid

Push — master ( 461384...5f7217 )

credentials.*Config.SetAccessKeySecret A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like