providers.*CLIProfileCredentialsProvider.getCredentialsProvider - Code Metrics - Inspection of "feat: support provider name in CredentialModel &&..." - aliyun/credentials-go - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( b73ef4...747592 )

unknown

created 2025-03-07 03:58 UTC

ider.getCredentialsProvider C

↳ Parent: credentials/providers/cli_profile.go

Complexity

Conditions

Size

Total Lines	65
Code Lines	58

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	10
eloc	58
nop	2
dl	0
loc	65
rs	5.5744
c	0
b	0
f	0

How to fix Long Method Complexity

Long Method

Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.

For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.

Commonly applied refactorings include:

If many parameters/temporary variables are present:
- Replace temporary variables with Query
- Introduce parameter object; often combined with preserve whole object
- If the above two are insufficient: Replace method with method object
If you have long conditionals: Decompose Conditional
Otherwise: Extract method

Complexity

Complex classes like providers.*CLIProfileCredentialsProvider.getCredentialsProvider often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

package providers

import (
	"encoding/json"
	"errors"
	"fmt"
	"io/ioutil"
	"os"
	"path"
	"strings"

	"github.com/aliyun/credentials-go/credentials/internal/utils"
)

type CLIProfileCredentialsProvider struct {
	profileName   string
	innerProvider CredentialsProvider
}

type CLIProfileCredentialsProviderBuilder struct {
	provider *CLIProfileCredentialsProvider
}

func (b *CLIProfileCredentialsProviderBuilder) WithProfileName(profileName string) *CLIProfileCredentialsProviderBuilder {
	b.provider.profileName = profileName
	return b
}

func (b *CLIProfileCredentialsProviderBuilder) Build() (provider *CLIProfileCredentialsProvider, err error) {
	// 优先级：
	// 1. 使用显示指定的 profileName
	// 2. 使用环境变量（ALIBABA_CLOUD_PROFILE）制定的 profileName
	// 3. 使用 CLI 配置中的当前 profileName
	if b.provider.profileName == "" {
		b.provider.profileName = os.Getenv("ALIBABA_CLOUD_PROFILE")
	}

	if strings.ToLower(os.Getenv("ALIBABA_CLOUD_CLI_PROFILE_DISABLED")) == "true" {
		err = errors.New("the CLI profile is disabled")
		return
	}

	provider = b.provider
	return
}

func NewCLIProfileCredentialsProviderBuilder() *CLIProfileCredentialsProviderBuilder {
	return &CLIProfileCredentialsProviderBuilder{
		provider: &CLIProfileCredentialsProvider{},
	}
}

type profile struct {
	Name            string `json:"name"`
	Mode            string `json:"mode"`
	AccessKeyID     string `json:"access_key_id"`
	AccessKeySecret string `json:"access_key_secret"`
	RegionID        string `json:"region_id"`
	RoleArn         string `json:"ram_role_arn"`
	RoleSessionName string `json:"ram_session_name"`
	DurationSeconds int    `json:"expired_seconds"`
	StsRegion       string `json:"sts_region"`
	EnableVpc       bool   `json:"enable_vpc"`
	SourceProfile   string `json:"source_profile"`
	RoleName        string `json:"ram_role_name"`
	OIDCTokenFile   string `json:"oidc_token_file"`
	OIDCProviderARN string `json:"oidc_provider_arn"`
	Policy          string `json:"policy"`
	ExternalId      string `json:"external_id"`
}

type configuration struct {
	Current  string     `json:"current"`
	Profiles []*profile `json:"profiles"`
}

func newConfigurationFromPath(cfgPath string) (conf *configuration, err error) {
	bytes, err := ioutil.ReadFile(cfgPath)
	if err != nil {
		err = fmt.Errorf("reading aliyun cli config from '%s' failed %v", cfgPath, err)
		return
	}

	conf = &configuration{}

	err = json.Unmarshal(bytes, conf)
	if err != nil {
		err = fmt.Errorf("unmarshal aliyun cli config from '%s' failed: %s", cfgPath, string(bytes))
		return
	}

	if conf.Profiles == nil || len(conf.Profiles) == 0 {
		err = fmt.Errorf("no any configured profiles in '%s'", cfgPath)
		return
	}

	return
}

func (conf *configuration) getProfile(name string) (profile *profile, err error) {
	for _, p := range conf.Profiles {
		if p.Name == name {
			profile = p
			return
		}
	}

	err = fmt.Errorf("unable to get profile with '%s'", name)
	return
}

func (provider *CLIProfileCredentialsProvider) getCredentialsProvider(conf *configuration, profileName string) (credentialsProvider CredentialsProvider, err error) {
	p, err := conf.getProfile(profileName)
	if err != nil {
		return
	}

	switch p.Mode {
	case "AK":
		credentialsProvider, err = NewStaticAKCredentialsProviderBuilder().
			WithAccessKeyId(p.AccessKeyID).
			WithAccessKeySecret(p.AccessKeySecret).
			Build()
	case "RamRoleArn":
		previousProvider, err1 := NewStaticAKCredentialsProviderBuilder().
			WithAccessKeyId(p.AccessKeyID).
			WithAccessKeySecret(p.AccessKeySecret).
			Build()
		if err1 != nil {
			return nil, err1
		}

		credentialsProvider, err = NewRAMRoleARNCredentialsProviderBuilder().
			WithCredentialsProvider(previousProvider).
			WithRoleArn(p.RoleArn).
			WithRoleSessionName(p.RoleSessionName).
			WithDurationSeconds(p.DurationSeconds).
			WithStsRegionId(p.StsRegion).
			WithEnableVpc(p.EnableVpc).
			WithPolicy(p.Policy).
			WithExternalId(p.ExternalId).
			Build()
	case "EcsRamRole":
		credentialsProvider, err = NewECSRAMRoleCredentialsProviderBuilder().WithRoleName(p.RoleName).Build()
	case "OIDC":
		credentialsProvider, err = NewOIDCCredentialsProviderBuilder().
			WithOIDCTokenFilePath(p.OIDCTokenFile).
			WithOIDCProviderARN(p.OIDCProviderARN).
			WithRoleArn(p.RoleArn).
			WithStsRegionId(p.StsRegion).
			WithEnableVpc(p.EnableVpc).
			WithDurationSeconds(p.DurationSeconds).
			WithRoleSessionName(p.RoleSessionName).
			WithPolicy(p.Policy).
			Build()
	case "ChainableRamRoleArn":
		previousProvider, err1 := provider.getCredentialsProvider(conf, p.SourceProfile)
		if err1 != nil {
			err = fmt.Errorf("get source profile failed: %s", err1.Error())
			return
		}
		credentialsProvider, err = NewRAMRoleARNCredentialsProviderBuilder().
			WithCredentialsProvider(previousProvider).
			WithRoleArn(p.RoleArn).
			WithRoleSessionName(p.RoleSessionName).
			WithDurationSeconds(p.DurationSeconds).
			WithStsRegionId(p.StsRegion).
			WithEnableVpc(p.EnableVpc).
			WithPolicy(p.Policy).
			WithExternalId(p.ExternalId).
			Build()
	default:
		err = fmt.Errorf("unsupported profile mode '%s'", p.Mode)
	}

	return
}

// 默认设置为 GetHomePath，测试时便于 mock
var getHomePath = utils.GetHomePath

func (provider *CLIProfileCredentialsProvider) GetCredentials() (cc *Credentials, err error) {
	if provider.innerProvider == nil {
		cfgPath := os.Getenv("ALIBABA_CLOUD_CONFIG_FILE")
		if cfgPath == "" {
			homeDir := getHomePath()
			if homeDir == "" {
				err = fmt.Errorf("cannot found home dir")
				return
			}

			cfgPath = path.Join(homeDir, ".aliyun/config.json")
		}

		conf, err1 := newConfigurationFromPath(cfgPath)
		if err1 != nil {
			err = err1
			return
		}

		if provider.profileName == "" {
			provider.profileName = conf.Current
		}

		provider.innerProvider, err = provider.getCredentialsProvider(conf, provider.profileName)
		if err != nil {
			return
		}
	}

	innerCC, err := provider.innerProvider.GetCredentials()
	if err != nil {
		return
	}

	providerName := innerCC.ProviderName
	if providerName == "" {
		providerName = provider.innerProvider.GetProviderName()
	}

	cc = &Credentials{
		AccessKeyId:     innerCC.AccessKeyId,
		AccessKeySecret: innerCC.AccessKeySecret,
		SecurityToken:   innerCC.SecurityToken,
		ProviderName:    fmt.Sprintf("%s/%s", provider.GetProviderName(), providerName),
	}

	return
}

func (provider *CLIProfileCredentialsProvider) GetProviderName() string {
	return "cli_profile"
}


1			package providers
2
3			import (
4			"encoding/json"
5			"errors"
6			"fmt"
7			"io/ioutil"
8			"os"
9			"path"
10			"strings"
11
12			"github.com/aliyun/credentials-go/credentials/internal/utils"
13			)
14
15			type CLIProfileCredentialsProvider struct {
16			profileName string
17			innerProvider CredentialsProvider
18			}
19
20			type CLIProfileCredentialsProviderBuilder struct {
21			provider *CLIProfileCredentialsProvider
22			}
23
24			func (b CLIProfileCredentialsProviderBuilder) WithProfileName(profileName string) CLIProfileCredentialsProviderBuilder {
25			b.provider.profileName = profileName
26			return b
27			}
28
29			func (b CLIProfileCredentialsProviderBuilder) Build() (provider CLIProfileCredentialsProvider, err error) {
30			// 优先级：
31			// 1. 使用显示指定的 profileName
32			// 2. 使用环境变量（ALIBABA_CLOUD_PROFILE）制定的 profileName
33			// 3. 使用 CLI 配置中的当前 profileName
34			if b.provider.profileName == "" {
35			b.provider.profileName = os.Getenv("ALIBABA_CLOUD_PROFILE")
36			}
37
38			if strings.ToLower(os.Getenv("ALIBABA_CLOUD_CLI_PROFILE_DISABLED")) == "true" {
39			err = errors.New("the CLI profile is disabled")
40			return
41			}
42
43			provider = b.provider
44			return
45			}
46
47			func NewCLIProfileCredentialsProviderBuilder() *CLIProfileCredentialsProviderBuilder {
48			return &CLIProfileCredentialsProviderBuilder{
49			provider: &CLIProfileCredentialsProvider{},
50			}
51			}
52
53			type profile struct {
54			Name string `json:"name"`
55			Mode string `json:"mode"`
56			AccessKeyID string `json:"access_key_id"`
57			AccessKeySecret string `json:"access_key_secret"`
58			RegionID string `json:"region_id"`
59			RoleArn string `json:"ram_role_arn"`
60			RoleSessionName string `json:"ram_session_name"`
61			DurationSeconds int `json:"expired_seconds"`
62			StsRegion string `json:"sts_region"`
63			EnableVpc bool `json:"enable_vpc"`
64			SourceProfile string `json:"source_profile"`
65			RoleName string `json:"ram_role_name"`
66			OIDCTokenFile string `json:"oidc_token_file"`
67			OIDCProviderARN string `json:"oidc_provider_arn"`
68			Policy string `json:"policy"`
69			ExternalId string `json:"external_id"`
70			}
71
72			type configuration struct {
73			Current string `json:"current"`
74			Profiles []*profile `json:"profiles"`
75			}
76
77			func newConfigurationFromPath(cfgPath string) (conf *configuration, err error) {
78			bytes, err := ioutil.ReadFile(cfgPath)
79			if err != nil {
80			err = fmt.Errorf("reading aliyun cli config from '%s' failed %v", cfgPath, err)
81			return
82			}
83
84			conf = &configuration{}
85
86			err = json.Unmarshal(bytes, conf)
87			if err != nil {
88			err = fmt.Errorf("unmarshal aliyun cli config from '%s' failed: %s", cfgPath, string(bytes))
89			return
90			}
91
92			if conf.Profiles == nil \|\| len(conf.Profiles) == 0 {
93			err = fmt.Errorf("no any configured profiles in '%s'", cfgPath)
94			return
95			}
96
97			return
98			}
99
100			func (conf configuration) getProfile(name string) (profile profile, err error) {
101			for _, p := range conf.Profiles {
102			if p.Name == name {
103			profile = p
104			return
105			}
106			}
107
108			err = fmt.Errorf("unable to get profile with '%s'", name)
109			return
110			}
111
112			func (provider CLIProfileCredentialsProvider) getCredentialsProvider(conf configuration, profileName string) (credentialsProvider CredentialsProvider, err error) {
113			p, err := conf.getProfile(profileName)
114			if err != nil {
115			return
116			}
117
118			switch p.Mode {
119			case "AK":
120			credentialsProvider, err = NewStaticAKCredentialsProviderBuilder().
121			WithAccessKeyId(p.AccessKeyID).
122			WithAccessKeySecret(p.AccessKeySecret).
123			Build()
124			case "RamRoleArn":
125			previousProvider, err1 := NewStaticAKCredentialsProviderBuilder().
126			WithAccessKeyId(p.AccessKeyID).
127			WithAccessKeySecret(p.AccessKeySecret).
128			Build()
129			if err1 != nil {
130			return nil, err1
131			}
132
133			credentialsProvider, err = NewRAMRoleARNCredentialsProviderBuilder().
134			WithCredentialsProvider(previousProvider).
135			WithRoleArn(p.RoleArn).
136			WithRoleSessionName(p.RoleSessionName).
137			WithDurationSeconds(p.DurationSeconds).
138			WithStsRegionId(p.StsRegion).
139			WithEnableVpc(p.EnableVpc).
140			WithPolicy(p.Policy).
141			WithExternalId(p.ExternalId).
142			Build()
143			case "EcsRamRole":
144			credentialsProvider, err = NewECSRAMRoleCredentialsProviderBuilder().WithRoleName(p.RoleName).Build()
145			case "OIDC":
146			credentialsProvider, err = NewOIDCCredentialsProviderBuilder().
147			WithOIDCTokenFilePath(p.OIDCTokenFile).
148			WithOIDCProviderARN(p.OIDCProviderARN).
149			WithRoleArn(p.RoleArn).
150			WithStsRegionId(p.StsRegion).
151			WithEnableVpc(p.EnableVpc).
152			WithDurationSeconds(p.DurationSeconds).
153			WithRoleSessionName(p.RoleSessionName).
154			WithPolicy(p.Policy).
155			Build()
156			case "ChainableRamRoleArn":
157			previousProvider, err1 := provider.getCredentialsProvider(conf, p.SourceProfile)
158			if err1 != nil {
159			err = fmt.Errorf("get source profile failed: %s", err1.Error())
160			return
161			}
162			credentialsProvider, err = NewRAMRoleARNCredentialsProviderBuilder().
163			WithCredentialsProvider(previousProvider).
164			WithRoleArn(p.RoleArn).
165			WithRoleSessionName(p.RoleSessionName).
166			WithDurationSeconds(p.DurationSeconds).
167			WithStsRegionId(p.StsRegion).
168			WithEnableVpc(p.EnableVpc).
169			WithPolicy(p.Policy).
170			WithExternalId(p.ExternalId).
171			Build()
172			default:
173			err = fmt.Errorf("unsupported profile mode '%s'", p.Mode)
174			}
175
176			return
177			}
178
179			// 默认设置为 GetHomePath，测试时便于 mock
180			var getHomePath = utils.GetHomePath
181
182			func (provider CLIProfileCredentialsProvider) GetCredentials() (cc Credentials, err error) {
183			if provider.innerProvider == nil {
184			cfgPath := os.Getenv("ALIBABA_CLOUD_CONFIG_FILE")
185			if cfgPath == "" {
186			homeDir := getHomePath()
187			if homeDir == "" {
188			err = fmt.Errorf("cannot found home dir")
189			return
190			}
191
192			cfgPath = path.Join(homeDir, ".aliyun/config.json")
193			}
194
195			conf, err1 := newConfigurationFromPath(cfgPath)
196			if err1 != nil {
197			err = err1
198			return
199			}
200
201			if provider.profileName == "" {
202			provider.profileName = conf.Current
203			}
204
205			provider.innerProvider, err = provider.getCredentialsProvider(conf, provider.profileName)
206			if err != nil {
207			return
208			}
209			}
210
211			innerCC, err := provider.innerProvider.GetCredentials()
212			if err != nil {
213			return
214			}
215
216			providerName := innerCC.ProviderName
217			if providerName == "" {
218			providerName = provider.innerProvider.GetProviderName()
219			}
220
221			cc = &Credentials{
222			AccessKeyId: innerCC.AccessKeyId,
223			AccessKeySecret: innerCC.AccessKeySecret,
224			SecurityToken: innerCC.SecurityToken,
225			ProviderName: fmt.Sprintf("%s/%s", provider.GetProviderName(), providerName),
226			}
227
228			return
229			}
230
231			func (provider *CLIProfileCredentialsProvider) GetProviderName() string {
232			return "cli_profile"
233			}
234

aliyun / credentials-go

GitHub Access Token became invalid

Push — master ( b73ef4...747592 )

ider.getCredentialsProvider C

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Complexity

Duplication Side-by-Side

Filter issues like