diff options
Diffstat (limited to 'vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go')
-rw-r--r-- | vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go | 151 |
1 files changed, 151 insertions, 0 deletions
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go new file mode 100644 index 0000000..7fb7cbf --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go | |||
@@ -0,0 +1,151 @@ | |||
1 | package credentials | ||
2 | |||
3 | import ( | ||
4 | "fmt" | ||
5 | "os" | ||
6 | "path/filepath" | ||
7 | |||
8 | "github.com/go-ini/ini" | ||
9 | |||
10 | "github.com/aws/aws-sdk-go/aws/awserr" | ||
11 | ) | ||
12 | |||
13 | // SharedCredsProviderName provides a name of SharedCreds provider | ||
14 | const SharedCredsProviderName = "SharedCredentialsProvider" | ||
15 | |||
16 | var ( | ||
17 | // ErrSharedCredentialsHomeNotFound is emitted when the user directory cannot be found. | ||
18 | // | ||
19 | // @readonly | ||
20 | ErrSharedCredentialsHomeNotFound = awserr.New("UserHomeNotFound", "user home directory not found.", nil) | ||
21 | ) | ||
22 | |||
23 | // A SharedCredentialsProvider retrieves credentials from the current user's home | ||
24 | // directory, and keeps track if those credentials are expired. | ||
25 | // | ||
26 | // Profile ini file example: $HOME/.aws/credentials | ||
27 | type SharedCredentialsProvider struct { | ||
28 | // Path to the shared credentials file. | ||
29 | // | ||
30 | // If empty will look for "AWS_SHARED_CREDENTIALS_FILE" env variable. If the | ||
31 | // env value is empty will default to current user's home directory. | ||
32 | // Linux/OSX: "$HOME/.aws/credentials" | ||
33 | // Windows: "%USERPROFILE%\.aws\credentials" | ||
34 | Filename string | ||
35 | |||
36 | // AWS Profile to extract credentials from the shared credentials file. If empty | ||
37 | // will default to environment variable "AWS_PROFILE" or "default" if | ||
38 | // environment variable is also not set. | ||
39 | Profile string | ||
40 | |||
41 | // retrieved states if the credentials have been successfully retrieved. | ||
42 | retrieved bool | ||
43 | } | ||
44 | |||
45 | // NewSharedCredentials returns a pointer to a new Credentials object | ||
46 | // wrapping the Profile file provider. | ||
47 | func NewSharedCredentials(filename, profile string) *Credentials { | ||
48 | return NewCredentials(&SharedCredentialsProvider{ | ||
49 | Filename: filename, | ||
50 | Profile: profile, | ||
51 | }) | ||
52 | } | ||
53 | |||
54 | // Retrieve reads and extracts the shared credentials from the current | ||
55 | // users home directory. | ||
56 | func (p *SharedCredentialsProvider) Retrieve() (Value, error) { | ||
57 | p.retrieved = false | ||
58 | |||
59 | filename, err := p.filename() | ||
60 | if err != nil { | ||
61 | return Value{ProviderName: SharedCredsProviderName}, err | ||
62 | } | ||
63 | |||
64 | creds, err := loadProfile(filename, p.profile()) | ||
65 | if err != nil { | ||
66 | return Value{ProviderName: SharedCredsProviderName}, err | ||
67 | } | ||
68 | |||
69 | p.retrieved = true | ||
70 | return creds, nil | ||
71 | } | ||
72 | |||
73 | // IsExpired returns if the shared credentials have expired. | ||
74 | func (p *SharedCredentialsProvider) IsExpired() bool { | ||
75 | return !p.retrieved | ||
76 | } | ||
77 | |||
78 | // loadProfiles loads from the file pointed to by shared credentials filename for profile. | ||
79 | // The credentials retrieved from the profile will be returned or error. Error will be | ||
80 | // returned if it fails to read from the file, or the data is invalid. | ||
81 | func loadProfile(filename, profile string) (Value, error) { | ||
82 | config, err := ini.Load(filename) | ||
83 | if err != nil { | ||
84 | return Value{ProviderName: SharedCredsProviderName}, awserr.New("SharedCredsLoad", "failed to load shared credentials file", err) | ||
85 | } | ||
86 | iniProfile, err := config.GetSection(profile) | ||
87 | if err != nil { | ||
88 | return Value{ProviderName: SharedCredsProviderName}, awserr.New("SharedCredsLoad", "failed to get profile", err) | ||
89 | } | ||
90 | |||
91 | id, err := iniProfile.GetKey("aws_access_key_id") | ||
92 | if err != nil { | ||
93 | return Value{ProviderName: SharedCredsProviderName}, awserr.New("SharedCredsAccessKey", | ||
94 | fmt.Sprintf("shared credentials %s in %s did not contain aws_access_key_id", profile, filename), | ||
95 | err) | ||
96 | } | ||
97 | |||
98 | secret, err := iniProfile.GetKey("aws_secret_access_key") | ||
99 | if err != nil { | ||
100 | return Value{ProviderName: SharedCredsProviderName}, awserr.New("SharedCredsSecret", | ||
101 | fmt.Sprintf("shared credentials %s in %s did not contain aws_secret_access_key", profile, filename), | ||
102 | nil) | ||
103 | } | ||
104 | |||
105 | // Default to empty string if not found | ||
106 | token := iniProfile.Key("aws_session_token") | ||
107 | |||
108 | return Value{ | ||
109 | AccessKeyID: id.String(), | ||
110 | SecretAccessKey: secret.String(), | ||
111 | SessionToken: token.String(), | ||
112 | ProviderName: SharedCredsProviderName, | ||
113 | }, nil | ||
114 | } | ||
115 | |||
116 | // filename returns the filename to use to read AWS shared credentials. | ||
117 | // | ||
118 | // Will return an error if the user's home directory path cannot be found. | ||
119 | func (p *SharedCredentialsProvider) filename() (string, error) { | ||
120 | if p.Filename == "" { | ||
121 | if p.Filename = os.Getenv("AWS_SHARED_CREDENTIALS_FILE"); p.Filename != "" { | ||
122 | return p.Filename, nil | ||
123 | } | ||
124 | |||
125 | homeDir := os.Getenv("HOME") // *nix | ||
126 | if homeDir == "" { // Windows | ||
127 | homeDir = os.Getenv("USERPROFILE") | ||
128 | } | ||
129 | if homeDir == "" { | ||
130 | return "", ErrSharedCredentialsHomeNotFound | ||
131 | } | ||
132 | |||
133 | p.Filename = filepath.Join(homeDir, ".aws", "credentials") | ||
134 | } | ||
135 | |||
136 | return p.Filename, nil | ||
137 | } | ||
138 | |||
139 | // profile returns the AWS shared credentials profile. If empty will read | ||
140 | // environment variable "AWS_PROFILE". If that is not set profile will | ||
141 | // return "default". | ||
142 | func (p *SharedCredentialsProvider) profile() string { | ||
143 | if p.Profile == "" { | ||
144 | p.Profile = os.Getenv("AWS_PROFILE") | ||
145 | } | ||
146 | if p.Profile == "" { | ||
147 | p.Profile = "default" | ||
148 | } | ||
149 | |||
150 | return p.Profile | ||
151 | } | ||