Package com.google.auth.oauth2
Class InternalAwsSecurityCredentialsSupplier
- java.lang.Object
-
- com.google.auth.oauth2.InternalAwsSecurityCredentialsSupplier
-
- All Implemented Interfaces:
AwsSecurityCredentialsSupplier
,java.io.Serializable
class InternalAwsSecurityCredentialsSupplier extends java.lang.Object implements AwsSecurityCredentialsSupplier
Internal provider for retrieving AWS security credentials forAwsCredentials
to exchange for GCP access tokens. The credentials are retrieved either via environment variables or metadata endpoints.
-
-
Field Summary
Fields Modifier and Type Field Description (package private) static java.lang.String
AWS_ACCESS_KEY_ID
(package private) static java.lang.String
AWS_DEFAULT_REGION
(package private) static java.lang.String
AWS_IMDSV2_SESSION_TOKEN_HEADER
(package private) static java.lang.String
AWS_IMDSV2_SESSION_TOKEN_TTL
(package private) static java.lang.String
AWS_IMDSV2_SESSION_TOKEN_TTL_HEADER
(package private) static java.lang.String
AWS_REGION
(package private) static java.lang.String
AWS_SECRET_ACCESS_KEY
(package private) static java.lang.String
AWS_SESSION_TOKEN
private AwsCredentialSource
awsCredentialSource
private EnvironmentProvider
environmentProvider
private static long
serialVersionUID
private HttpTransportFactory
transportFactory
-
Constructor Summary
Constructors Constructor Description InternalAwsSecurityCredentialsSupplier(AwsCredentialSource awsCredentialSource, EnvironmentProvider environmentProvider, HttpTransportFactory transportFactory)
Constructor for InternalAwsSecurityCredentialsProvider
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description private boolean
canRetrieveRegionFromEnvironment()
private boolean
canRetrieveSecurityCredentialsFromEnvironment()
(package private) java.util.Map<java.lang.String,java.lang.Object>
createMetadataRequestHeaders(AwsCredentialSource awsCredentialSource)
AwsSecurityCredentials
getCredentials(ExternalAccountSupplierContext context)
Gets AWS security credentials.java.lang.String
getRegion(ExternalAccountSupplierContext context)
Gets the AWS region to use.private java.lang.String
retrieveResource(java.lang.String url, java.lang.String resourceName, java.lang.String requestMethod, java.util.Map<java.lang.String,java.lang.Object> headers, com.google.api.client.http.HttpContent content)
private java.lang.String
retrieveResource(java.lang.String url, java.lang.String resourceName, java.util.Map<java.lang.String,java.lang.Object> headers)
(package private) boolean
shouldUseMetadataServer()
-
-
-
Field Detail
-
serialVersionUID
private static final long serialVersionUID
- See Also:
- Constant Field Values
-
AWS_REGION
static final java.lang.String AWS_REGION
- See Also:
- Constant Field Values
-
AWS_DEFAULT_REGION
static final java.lang.String AWS_DEFAULT_REGION
- See Also:
- Constant Field Values
-
AWS_ACCESS_KEY_ID
static final java.lang.String AWS_ACCESS_KEY_ID
- See Also:
- Constant Field Values
-
AWS_SECRET_ACCESS_KEY
static final java.lang.String AWS_SECRET_ACCESS_KEY
- See Also:
- Constant Field Values
-
AWS_SESSION_TOKEN
static final java.lang.String AWS_SESSION_TOKEN
- See Also:
- Constant Field Values
-
AWS_IMDSV2_SESSION_TOKEN_HEADER
static final java.lang.String AWS_IMDSV2_SESSION_TOKEN_HEADER
- See Also:
- Constant Field Values
-
AWS_IMDSV2_SESSION_TOKEN_TTL_HEADER
static final java.lang.String AWS_IMDSV2_SESSION_TOKEN_TTL_HEADER
- See Also:
- Constant Field Values
-
AWS_IMDSV2_SESSION_TOKEN_TTL
static final java.lang.String AWS_IMDSV2_SESSION_TOKEN_TTL
- See Also:
- Constant Field Values
-
awsCredentialSource
private final AwsCredentialSource awsCredentialSource
-
environmentProvider
private EnvironmentProvider environmentProvider
-
transportFactory
private transient HttpTransportFactory transportFactory
-
-
Constructor Detail
-
InternalAwsSecurityCredentialsSupplier
InternalAwsSecurityCredentialsSupplier(AwsCredentialSource awsCredentialSource, EnvironmentProvider environmentProvider, HttpTransportFactory transportFactory)
Constructor for InternalAwsSecurityCredentialsProvider- Parameters:
awsCredentialSource
- the credential source to use.environmentProvider
- the environment provider to use for environment variables.transportFactory
- the transport factory to use for metadata requests.
-
-
Method Detail
-
getCredentials
public AwsSecurityCredentials getCredentials(ExternalAccountSupplierContext context) throws java.io.IOException
Description copied from interface:AwsSecurityCredentialsSupplier
Gets AWS security credentials.- Specified by:
getCredentials
in interfaceAwsSecurityCredentialsSupplier
- Parameters:
context
- relevant context from the calling credential.- Returns:
- valid AWS security credentials that can be exchanged for a GCP access token.
- Throws:
java.io.IOException
-
getRegion
public java.lang.String getRegion(ExternalAccountSupplierContext context) throws java.io.IOException
Description copied from interface:AwsSecurityCredentialsSupplier
Gets the AWS region to use.- Specified by:
getRegion
in interfaceAwsSecurityCredentialsSupplier
- Parameters:
context
- relevant context from the calling credential.- Returns:
- the AWS region that should be used for the credential.
- Throws:
java.io.IOException
-
canRetrieveRegionFromEnvironment
private boolean canRetrieveRegionFromEnvironment()
-
canRetrieveSecurityCredentialsFromEnvironment
private boolean canRetrieveSecurityCredentialsFromEnvironment()
-
shouldUseMetadataServer
boolean shouldUseMetadataServer()
-
retrieveResource
private java.lang.String retrieveResource(java.lang.String url, java.lang.String resourceName, java.util.Map<java.lang.String,java.lang.Object> headers) throws java.io.IOException
- Throws:
java.io.IOException
-
retrieveResource
private java.lang.String retrieveResource(java.lang.String url, java.lang.String resourceName, java.lang.String requestMethod, java.util.Map<java.lang.String,java.lang.Object> headers, @Nullable com.google.api.client.http.HttpContent content) throws java.io.IOException
- Throws:
java.io.IOException
-
createMetadataRequestHeaders
java.util.Map<java.lang.String,java.lang.Object> createMetadataRequestHeaders(AwsCredentialSource awsCredentialSource) throws java.io.IOException
- Throws:
java.io.IOException
-
-