From 5978cf20a382aaebf140a7b0e1e092a3c826d3cd Mon Sep 17 00:00:00 2001 From: Jackson Tian Date: Thu, 15 Aug 2024 14:16:57 +0800 Subject: [PATCH] Add env credentials provider --- .../credentials/env_credentials_provider.go | 45 +++++++++++++++++++ .../env_credentials_provider_test.go | 37 +++++++++++++++ 2 files changed, 82 insertions(+) create mode 100644 sdk/auth/credentials/env_credentials_provider.go create mode 100644 sdk/auth/credentials/env_credentials_provider_test.go diff --git a/sdk/auth/credentials/env_credentials_provider.go b/sdk/auth/credentials/env_credentials_provider.go new file mode 100644 index 0000000000..7403c34f68 --- /dev/null +++ b/sdk/auth/credentials/env_credentials_provider.go @@ -0,0 +1,45 @@ +package credentials + +import ( + "fmt" + "os" +) + +type EnvironmentVariableCredentialsProvider struct { +} + +func NewEnvironmentVariableCredentialsProvider() (provider *EnvironmentVariableCredentialsProvider) { + return &EnvironmentVariableCredentialsProvider{} +} + +func (provider *EnvironmentVariableCredentialsProvider) GetCredentials() (cc *Credentials, err error) { + accessKeyId := os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_ID") + + if accessKeyId == "" { + err = fmt.Errorf("unable to get credentials from enviroment variables, Access key ID must be specified via environment variable (ALIBABA_CLOUD_ACCESS_KEY_ID)") + return + } + + accessKeySecret := os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET") + + if accessKeySecret == "" { + err = fmt.Errorf("unable to get credentials from enviroment variables, Access key secret must be specified via environment variable (ALIBABA_CLOUD_ACCESS_KEY_SECRET)") + return + } + + securityToken := os.Getenv("ALIBABA_CLOUD_SECURITY_TOKEN") + + if securityToken == "" { + cc = &Credentials{ + AccessKeyId: accessKeyId, + AccessKeySecret: accessKeySecret, + } + } else { + cc = &Credentials{ + AccessKeyId: accessKeyId, + AccessKeySecret: accessKeySecret, + SecurityToken: securityToken, + } + } + return +} diff --git a/sdk/auth/credentials/env_credentials_provider_test.go b/sdk/auth/credentials/env_credentials_provider_test.go new file mode 100644 index 0000000000..d429fa2713 --- /dev/null +++ b/sdk/auth/credentials/env_credentials_provider_test.go @@ -0,0 +1,37 @@ +package credentials + +import ( + "os" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestEnvironmentVariableCredentialsProvider(t *testing.T) { + rollback := Memory("ALIBABA_CLOUD_ACCESS_KEY_ID", "ALIBABA_CLOUD_ACCESS_KEY_SECRET", "ALIBABA_CLOUD_SECURITY_TOKEN") + defer rollback() + + p := NewEnvironmentVariableCredentialsProvider() + assert.NotNil(t, p) + _, err := p.GetCredentials() + assert.EqualError(t, err, "unable to get credentials from enviroment variables, Access key ID must be specified via environment variable (ALIBABA_CLOUD_ACCESS_KEY_ID)") + os.Setenv("ALIBABA_CLOUD_ACCESS_KEY_ID", "akid") + _, err = p.GetCredentials() + assert.EqualError(t, err, "unable to get credentials from enviroment variables, Access key secret must be specified via environment variable (ALIBABA_CLOUD_ACCESS_KEY_SECRET)") + + os.Setenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET", "aksecret") + cc, err := p.GetCredentials() + assert.Nil(t, err) + assert.Equal(t, "akid", cc.AccessKeyId) + assert.Equal(t, "aksecret", cc.AccessKeySecret) + assert.Equal(t, "", cc.SecurityToken) + assert.Equal(t, "", cc.BearerToken) + + os.Setenv("ALIBABA_CLOUD_SECURITY_TOKEN", "token") + cc, err = p.GetCredentials() + assert.Nil(t, err) + assert.Equal(t, "akid", cc.AccessKeyId) + assert.Equal(t, "aksecret", cc.AccessKeySecret) + assert.Equal(t, "token", cc.SecurityToken) + assert.Equal(t, "", cc.BearerToken) +}