Struct: endpointcreds.Provider

import "../ibm-cos-sdk-go/aws/credentials/endpointcreds"

Overview

Provider satisfies the credentials.Provider interface, and is a client to retrieve credentials from an arbitrary endpoint.

Implemented Interfaces

s3crypto.Cipher, credentials.Provider, credentials.ProviderWithContext, s3manager.ReadSeekerWriteTo, s3manager.WriterReadFrom

Structure Field Summary

• AuthorizationToken string

  Optional authorization token value if set will be used as the value of the Authorization header of the endpoint credential request.

• Client *client.Client

  Requires a AWS Client to make HTTP requests to the endpoint with.

• ExpiryWindow time.Duration

  ExpiryWindow will allow the credentials to trigger refreshing prior to the credentials actually expiring.

Method Summary

• func (p *Provider) IsExpired() bool

  IsExpired returns true if the credentials retrieved are expired, or not yet retrieved.

• func (p *Provider) Retrieve() (credentials.Value, error)

  Retrieve will attempt to request the credentials from the endpoint the Provider was configured for.

• func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error)

  RetrieveWithContext will attempt to request the credentials from the endpoint the Provider was configured for.

Methods included from credentials.Expiry

credentials.Expiry.ExpiresAt(), credentials.Expiry.SetExpiration()

Structure Field Details

AuthorizationToken string

Optional authorization token value if set will be used as the value of the Authorization header of the endpoint credential request.

Client *client.Client

Requires a AWS Client to make HTTP requests to the endpoint with. the Endpoint the request will be made to is provided by the aws.Config's Endpoint value.

ExpiryWindow time.Duration

ExpiryWindow will allow the credentials to trigger refreshing prior to the credentials actually expiring. This is beneficial so race conditions with expiring credentials do not cause request to fail unexpectedly due to ExpiredTokenException exceptions.

So a ExpiryWindow of 10s would cause calls to IsExpired() to return true 10 seconds before the credentials are actually expired.

If ExpiryWindow is 0 or less it will be ignored.

Method Details

func (p *Provider) IsExpired() bool

IsExpired returns true if the credentials retrieved are expired, or not yet retrieved.

// File 'aws/credentials/endpointcreds/provider.go', line 111

func (p *Provider) IsExpired() bool {
	if p.staticCreds {
		return false
	}
	return p.Expiry.IsExpired()
}

func (p *Provider) Retrieve() (credentials.Value, error)

Retrieve will attempt to request the credentials from the endpoint the Provider was configured for. And error will be returned if the retrieval fails.

// File 'aws/credentials/endpointcreds/provider.go', line 120

func (p *Provider) Retrieve() (credentials.Value, error) {
	return p.RetrieveWithContext(aws.BackgroundContext())
}

func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error)

RetrieveWithContext will attempt to request the credentials from the endpoint the Provider was configured for. And error will be returned if the retrieval fails.

// File 'aws/credentials/endpointcreds/provider.go', line 126

func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) {
	resp, err := p.getCredentials(ctx)
	if err != nil {
		return credentials.Value{ProviderName: ProviderName},
			awserr.New("CredentialsEndpointError", "failed to load credentials", err)
	}

	if resp.Expiration != nil {
		p.SetExpiration(*resp.Expiration, p.ExpiryWindow)
	} else {
		p.staticCreds = true
	}

	return credentials.Value{
		AccessKeyID:     resp.AccessKeyID,
		SecretAccessKey: resp.SecretAccessKey,
		SessionToken:    resp.Token,
		ProviderName:    ProviderName,
	}, nil
}