refine ProfileCredentialsProvider

Author: JacksonTian

aliyun-java-sdk-core/src/main/java/com/aliyuncs/auth/AuthConstant.java

@@ -12,6 +12,7 @@ public class AuthConstant {
     public static final String INI_TYPE_RAM = "ecs_ram_role";
     public static final String INI_TYPE_ARN = "ram_role_arn";
     public static final String INI_TYPE_KEY_PAIR = "rsa_key_pair";
+    public static final String INI_TYPE_ACESS_KEY = "access_key";
     public static final String INI_PUBLIC_KEY_ID = "public_key_id";
     public static final String INI_PRIVATE_KEY_FILE = "private_key_file";
     public static final String INI_PRIVATE_KEY = "private_key";

aliyun-java-sdk-core/src/main/java/com/aliyuncs/auth/ProfileCredentialsProvider.java

@@ -12,11 +12,13 @@
 import java.util.Map;
 
 public class ProfileCredentialsProvider implements AlibabaCloudCredentialsProvider {
-    private static volatile Wini ini;
+    private final String filePath;
+    private volatile Wini ini;
+    private AlibabaCloudCredentialsProvider innerProvider;
 
-    private static Wini getIni(String filePath) throws IOException {
+    private Wini getIni(String filePath) throws IOException {
         if (null == ini) {
-            synchronized (ProfileCredentialsProvider.class) {
+            synchronized (this) {
                 if (null == ini) {
                     ini = new Wini(new File(filePath));
                 }
@@ -25,31 +27,61 @@ private static Wini getIni(String filePath) throws IOException {
         return ini;
     }
 
-    @Override
-    public AlibabaCloudCredentials getCredentials() throws ClientException {
-        String filePath = AuthUtils.getEnvironmentCredentialsFile();
-        if (filePath == null) {
+    // 本包可见
+    ProfileCredentialsProvider(String filePath) {
+        if (StringUtils.isEmpty(filePath)) {
             filePath = AuthConstant.DEFAULT_CREDENTIALS_FILE_PATH;
         }
-        if (filePath.isEmpty()) {
-            throw new ClientException("The specified credentials file is empty");
-        }
-        Wini ini;
-        try {
-            ini = getIni(filePath);
-        } catch (IOException e) {
-            return null;
-        }
-        Map<String, Map<String, String>> client = loadIni(ini);
-        Map<String, String> clientConfig = client.get(AuthUtils.getClientType());
+        this.filePath = filePath;
+    }
+
+    public ProfileCredentialsProvider() {
+        this(AuthUtils.getEnvironmentCredentialsFile());
+    }
+
+    private AlibabaCloudCredentialsProvider getCredentialsProvider(Map<String, String> clientConfig) throws ClientException {
         if (clientConfig == null) {
             throw new ClientException("Client is not open in the specified credentials file");
         }
-        CredentialsProviderFactory credentialsProviderFactory = new CredentialsProviderFactory();
-        return createCredential(clientConfig, credentialsProviderFactory);
+
+        String configType = clientConfig.get(AuthConstant.INI_TYPE);
+        if (StringUtils.isEmpty(configType)) {
+            throw new ClientException("The configured client type is empty");
+        }
+        if (AuthConstant.INI_TYPE_ARN.equals(configType)) {
+            return getSTSAssumeRoleSessionCredentialsProvider(clientConfig);
+        }
+        if (AuthConstant.INI_TYPE_KEY_PAIR.equals(configType)) {
+            return getSTSGetSessionAccessKeyCredentialsProvider(clientConfig);
+        }
+        if (AuthConstant.INI_TYPE_RAM.equals(configType)) {
+            return getInstanceProfileCredentialsProvider(clientConfig);
+        }
+        if (AuthConstant.INI_TYPE_ACESS_KEY.equals(configType)) {
+            return getStaticCredentialsProvider(clientConfig);
+        }
+
+        throw new ClientException(String.format("The configured client type %s is not supported", configType));
+    }
+
+    @Override
+    public AlibabaCloudCredentials getCredentials() throws ClientException {
+        // lazy load it
+        if (this.innerProvider == null) {
+            Wini ini;
+            try {
+                ini = getIni(filePath);
+            } catch (IOException e) {
+                throw new ClientException("Client is not open in the specified credentials file");
+            }
+            Map<String, Map<String, String>> client = loadIni(ini);
+            Map<String, String> clientConfig = client.get(AuthUtils.getClientType());
+            this.innerProvider = getCredentialsProvider(clientConfig);
+        }
+        return this.innerProvider.getCredentials();
     }
 
-    private Map<String, Map<String, String>> loadIni(Wini ini) {
+    private static Map<String, Map<String, String>> loadIni(Wini ini) {
         Map<String, Map<String, String>> client = new HashMap<String, Map<String, String>>();
         boolean enable;
         for (Map.Entry<String, Profile.Section> clientType : ini.entrySet()) {
@@ -65,78 +97,67 @@ private Map<String, Map<String, String>> loadIni(Wini ini) {
         return client;
     }
 
-    private AlibabaCloudCredentials createCredential(Map<String, String> clientConfig,
-                                                     CredentialsProviderFactory factory) throws ClientException {
-        String configType = clientConfig.get(AuthConstant.INI_TYPE);
-        if (StringUtils.isEmpty(configType)) {
-            throw new ClientException("The configured client type is empty");
-        }
-        if (AuthConstant.INI_TYPE_ARN.equals(configType)) {
-            return getSTSAssumeRoleSessionCredentials(clientConfig, factory);
-        }
-        if (AuthConstant.INI_TYPE_KEY_PAIR.equals(configType)) {
-            return getSTSGetSessionAccessKeyCredentials(clientConfig, factory);
-        }
-        if (AuthConstant.INI_TYPE_RAM.equals(configType)) {
-            return getInstanceProfileCredentials(clientConfig, factory);
-        }
-        String accessKeyId = clientConfig.get(AuthConstant.INI_ACCESS_KEY_ID);
-        String accessKeySecret = clientConfig.get(AuthConstant.INI_ACCESS_KEY_IDSECRET);
-        if (StringUtils.isEmpty(accessKeyId) || StringUtils.isEmpty(accessKeySecret)) {
-            return null;
-        }
-        return new BasicCredentials(accessKeyId, accessKeySecret);
-    }
-
-    private AlibabaCloudCredentials getSTSAssumeRoleSessionCredentials(Map<String, String> clientConfig,
-                                                                       CredentialsProviderFactory factory)
+    private static AlibabaCloudCredentialsProvider getSTSAssumeRoleSessionCredentialsProvider(Map<String, String> clientConfig)
             throws ClientException {
         String accessKeyId = clientConfig.get(AuthConstant.INI_ACCESS_KEY_ID);
+        if (StringUtils.isEmpty(accessKeyId)) {
+            throw new ClientException("The configured access_key_id is empty");
+        }
         String accessKeySecret = clientConfig.get(AuthConstant.INI_ACCESS_KEY_IDSECRET);
+        if (StringUtils.isEmpty(accessKeySecret)) {
+            throw new ClientException("The configured access_key_secret is empty");
+        }
         String roleSessionName = clientConfig.get(AuthConstant.INI_ROLE_SESSION_NAME);
+        if (StringUtils.isEmpty(roleSessionName)) {
+            throw new ClientException("The configured role_session_name is empty");
+        }
         String roleArn = clientConfig.get(AuthConstant.INI_ROLE_ARN);
+        if (StringUtils.isEmpty(roleArn)) {
+            throw new ClientException("The configured role_arn is empty");
+        }
         String regionId = clientConfig.get(AuthConstant.DEFAULT_REGION);
         String policy = clientConfig.get(AuthConstant.INI_POLICY);
-        if (StringUtils.isEmpty(accessKeyId) || StringUtils.isEmpty(accessKeySecret)) {
-            throw new ClientException("The configured access_key_id or access_key_secret is empty");
-        }
-        if (StringUtils.isEmpty(roleSessionName) || StringUtils.isEmpty(roleArn)) {
-            throw new ClientException("The configured role_session_name or role_arn is empty");
-        }
-        STSAssumeRoleSessionCredentialsProvider provider =
-                factory.createCredentialsProvider(new STSAssumeRoleSessionCredentialsProvider(accessKeyId,
-                        accessKeySecret, roleSessionName, roleArn, regionId, policy));
-        return provider.getCredentials();
+
+        return new STSAssumeRoleSessionCredentialsProvider(accessKeyId, accessKeySecret, roleSessionName, roleArn, regionId, policy);
     }
 
-    private AlibabaCloudCredentials getSTSGetSessionAccessKeyCredentials(Map<String, String> clientConfig,
-                                                                         CredentialsProviderFactory factory)
+    private static AlibabaCloudCredentialsProvider getSTSGetSessionAccessKeyCredentialsProvider(Map<String, String> clientConfig)
             throws ClientException {
         String publicKeyId = clientConfig.get(AuthConstant.INI_PUBLIC_KEY_ID);
+        if (StringUtils.isEmpty(publicKeyId)) {
+            throw new ClientException("The configured public_key_id is empty");
+        }
         String privateKeyFile = clientConfig.get(AuthConstant.INI_PRIVATE_KEY_FILE);
         if (StringUtils.isEmpty(privateKeyFile)) {
             throw new ClientException("The configured private_key_file is empty");
         }
         String privateKey = AuthUtils.readFile(privateKeyFile);
-        if (StringUtils.isEmpty(publicKeyId) || StringUtils.isEmpty(privateKey)) {
-            throw new ClientException("The configured public_key_id or private_key_file content is empty");
+        if (StringUtils.isEmpty(privateKey)) {
+            throw new ClientException("The configured private_key_file content is empty");
         }
-        STSGetSessionAccessKeyCredentialsProvider provider =
-                factory.createCredentialsProvider(new STSGetSessionAccessKeyCredentialsProvider(publicKeyId, privateKey));
-        return provider.getCredentials();
+
+        return new STSGetSessionAccessKeyCredentialsProvider(publicKeyId, privateKey);
     }
 
-    private AlibabaCloudCredentials getInstanceProfileCredentials(Map<String, String> clientConfig,
-                                                                  CredentialsProviderFactory factory)
-            throws ClientException {
+    private static AlibabaCloudCredentialsProvider getInstanceProfileCredentialsProvider(Map<String, String> clientConfig) throws ClientException {
         String roleName = clientConfig.get(AuthConstant.INI_ROLE_NAME);
         if (StringUtils.isEmpty(roleName)) {
             throw new ClientException("The configured role_name is empty");
         }
-        InstanceProfileCredentialsProvider provider =
-                factory.createCredentialsProvider(new InstanceProfileCredentialsProvider(roleName));
-        return provider.getCredentials();
+
+        return new InstanceProfileCredentialsProvider(roleName);
     }
 
+    private static AlibabaCloudCredentialsProvider getStaticCredentialsProvider(Map<String, String> clientConfig) throws ClientException {
+        String accessKeyId = clientConfig.get(AuthConstant.INI_ACCESS_KEY_ID);
+        if (StringUtils.isEmpty(accessKeyId)) {
+            throw new ClientException("The configured access_key_id is empty");
+        }
+        String accessKeySecret = clientConfig.get(AuthConstant.INI_ACCESS_KEY_IDSECRET);
+        if (StringUtils.isEmpty(accessKeySecret)) {
+            throw new ClientException("The configured access_key_secret is empty");
+        }
 
+        return new StaticCredentialsProvider(new BasicCredentials(accessKeyId, accessKeySecret));
+    }
 }