From 7a8902a5cefb679bdf3ad8fdc2aa9d00c5fb73a2 Mon Sep 17 00:00:00 2001 From: Chase Miller Date: Sun, 13 Apr 2025 15:15:23 -0400 Subject: [PATCH] Introduce IAWSCredentialsFactory. Update ClientFactory to use it. --- .../AWSOptions.cs | 7 +- .../ClientFactory.cs | 50 +------------ .../DefaultAWSCredentialsFactory.cs | 73 +++++++++++++++++++ .../IAWSCredentialsFactory.cs | 15 ++++ 4 files changed, 97 insertions(+), 48 deletions(-) create mode 100644 extensions/src/AWSSDK.Extensions.NETCore.Setup/DefaultAWSCredentialsFactory.cs create mode 100644 extensions/src/AWSSDK.Extensions.NETCore.Setup/IAWSCredentialsFactory.cs diff --git a/extensions/src/AWSSDK.Extensions.NETCore.Setup/AWSOptions.cs b/extensions/src/AWSSDK.Extensions.NETCore.Setup/AWSOptions.cs index e137c66fd175..3b20c866457d 100644 --- a/extensions/src/AWSSDK.Extensions.NETCore.Setup/AWSOptions.cs +++ b/extensions/src/AWSSDK.Extensions.NETCore.Setup/AWSOptions.cs @@ -13,7 +13,7 @@ * permissions and limitations under the License. */ using Amazon.Runtime; - +using AWSSDK.Extensions.NETCore.Setup; using Microsoft.Extensions.Logging; namespace Amazon.Extensions.NETCore.Setup @@ -55,6 +55,11 @@ public class AWSOptions /// public string ExternalId { get; set; } + /// + /// + /// + public IAWSCredentialsFactory CredentialsFactory { get; set; } + /// /// AWS Credentials used for creating service clients. If this is set it overrides the Profile property. /// diff --git a/extensions/src/AWSSDK.Extensions.NETCore.Setup/ClientFactory.cs b/extensions/src/AWSSDK.Extensions.NETCore.Setup/ClientFactory.cs index 26c402eada88..d1f84c78d2cb 100644 --- a/extensions/src/AWSSDK.Extensions.NETCore.Setup/ClientFactory.cs +++ b/extensions/src/AWSSDK.Extensions.NETCore.Setup/ClientFactory.cs @@ -21,6 +21,7 @@ using Amazon.Runtime; using Amazon.Runtime.CredentialManagement; using Amazon.Runtime.Credentials.Internal; +using AWSSDK.Extensions.NETCore.Setup; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Logging; @@ -83,7 +84,8 @@ internal object CreateServiceClient(IServiceProvider provider) internal IAmazonService CreateServiceClient(ILogger logger, AWSOptions options) { PerformGlobalConfig(logger, options); - var credentials = CreateCredentials(logger, options); + var credentialsFactory = options.CredentialsFactory ?? new DefaultAWSCredentialsFactory(options, logger); + var credentials = credentialsFactory.Create(); if (!string.IsNullOrEmpty(options?.SessionRoleArn)) { @@ -165,52 +167,6 @@ private static AmazonServiceClient CreateClient(AWSCredentials credentials, Clie #endif } - /// - /// Creates the AWSCredentials using either the profile indicated from the AWSOptions object - /// of the SDK fallback credentials search. - /// - /// - /// - /// - private static AWSCredentials CreateCredentials(ILogger logger, AWSOptions options) - { - if (options != null) - { - if (options.Credentials != null) - { - logger?.LogInformation("Using AWS credentials specified with the AWSOptions.Credentials property"); - return options.Credentials; - } - if (!string.IsNullOrEmpty(options.Profile)) - { - var chain = new CredentialProfileStoreChain(options.ProfilesLocation); - AWSCredentials result; - if (chain.TryGetAWSCredentials(options.Profile, out result)) - { - logger?.LogInformation($"Found AWS credentials for the profile {options.Profile}"); - return result; - } - else - { - logger?.LogInformation($"Failed to find AWS credentials for the profile {options.Profile}"); - } - } - } - - var credentials = DefaultIdentityResolverConfiguration.ResolveDefaultIdentity(); - if (credentials == null) - { - logger?.LogError("Last effort to find AWS Credentials with AWS SDK's default credential search failed"); - throw new AmazonClientException("Failed to find AWS Credentials for constructing AWS service client"); - } - else - { - logger?.LogInformation("Found credentials using the AWS SDK's default credential search"); - } - - return credentials; - } - /// /// Creates the ClientConfig object for the service client. /// diff --git a/extensions/src/AWSSDK.Extensions.NETCore.Setup/DefaultAWSCredentialsFactory.cs b/extensions/src/AWSSDK.Extensions.NETCore.Setup/DefaultAWSCredentialsFactory.cs new file mode 100644 index 000000000000..0d2c88f74e5b --- /dev/null +++ b/extensions/src/AWSSDK.Extensions.NETCore.Setup/DefaultAWSCredentialsFactory.cs @@ -0,0 +1,73 @@ +using Amazon.Extensions.NETCore.Setup; +using Amazon.Runtime; +using Amazon.Runtime.CredentialManagement; +using Amazon.Runtime.Credentials.Internal; +using Microsoft.Extensions.Logging; + +namespace AWSSDK.Extensions.NETCore.Setup +{ + /// + /// + /// + public class DefaultAWSCredentialsFactory : IAWSCredentialsFactory + { + private readonly AWSOptions _options; + private readonly ILogger _logger; + + /// + /// Creates the AWSCredentials using either the profile indicated from the AWSOptions object + /// of the SDK fallback credentials search. + /// + /// + /// + /// + public DefaultAWSCredentialsFactory(AWSOptions options, ILogger logger = null) + { + _options = options; + _logger = logger; + } + + /// + /// Creates the AWSCredentials using either AWSOptions.Credentials, AWSOptions.Profile + AWSOptions.ProfilesLocation, + /// or the SDK fallback credentials search. + /// + public AWSCredentials Create() + { + if (_options != null) + { + if (_options.Credentials != null) + { + _logger?.LogInformation("Using AWS credentials specified with the AWSOptions.Credentials property"); + return _options.Credentials; + } + if (!string.IsNullOrEmpty(_options.Profile)) + { + var chain = new CredentialProfileStoreChain(_options.ProfilesLocation); + AWSCredentials result; + if (chain.TryGetAWSCredentials(_options.Profile, out result)) + { + _logger?.LogInformation($"Found AWS credentials for the profile {_options.Profile}"); + return result; + } + else + { + _logger?.LogInformation($"Failed to find AWS credentials for the profile {_options.Profile}"); + } + } + } + + var credentials = DefaultIdentityResolverConfiguration.ResolveDefaultIdentity(); + if (credentials == null) + { + _logger?.LogError("Last effort to find AWS Credentials with AWS SDK's default credential search failed"); + throw new AmazonClientException("Failed to find AWS Credentials for constructing AWS service client"); + } + else + { + _logger?.LogInformation("Found credentials using the AWS SDK's default credential search"); + } + + return credentials; + } + } +} \ No newline at end of file diff --git a/extensions/src/AWSSDK.Extensions.NETCore.Setup/IAWSCredentialsFactory.cs b/extensions/src/AWSSDK.Extensions.NETCore.Setup/IAWSCredentialsFactory.cs new file mode 100644 index 000000000000..682b1015f3c8 --- /dev/null +++ b/extensions/src/AWSSDK.Extensions.NETCore.Setup/IAWSCredentialsFactory.cs @@ -0,0 +1,15 @@ +using Amazon.Runtime; + +namespace AWSSDK.Extensions.NETCore.Setup +{ + /// + /// + /// + public interface IAWSCredentialsFactory + { + /// + /// Creates AWSCredentials + /// + AWSCredentials Create(); + } +} \ No newline at end of file