From cd6b32d14a1ce8bc253c5c31f51bd1565144ef0f Mon Sep 17 00:00:00 2001 From: Jackson Tian Date: Mon, 19 Aug 2024 14:18:19 +0800 Subject: [PATCH] use internal static_ak/static_sts credentials provider --- credentials/credential.go | 117 ++++++++++++------ credentials/credential_test.go | 19 ++- credentials/internal/providers/credentials.go | 22 ++++ credentials/internal/providers/static_ak.go | 67 ++++++++++ .../internal/providers/static_ak_test.go | 56 +++++++++ credentials/internal/providers/static_sts.go | 83 +++++++++++++ .../internal/providers/static_sts_test.go | 66 ++++++++++ credentials/static_ak_credentials_provider.go | 50 -------- .../static_ak_credentials_provider_test.go | 34 ----- .../static_sts_credentials_provider.go | 53 -------- .../static_sts_credentials_provider_test.go | 33 ----- 11 files changed, 386 insertions(+), 214 deletions(-) create mode 100644 credentials/internal/providers/credentials.go create mode 100644 credentials/internal/providers/static_ak.go create mode 100644 credentials/internal/providers/static_ak_test.go create mode 100644 credentials/internal/providers/static_sts.go create mode 100644 credentials/internal/providers/static_sts_test.go delete mode 100644 credentials/static_ak_credentials_provider.go delete mode 100644 credentials/static_ak_credentials_provider_test.go delete mode 100644 credentials/static_sts_credentials_provider.go delete mode 100644 credentials/static_sts_credentials_provider_test.go diff --git a/credentials/credential.go b/credentials/credential.go index 2ab96f3..b532aa7 100644 --- a/credentials/credential.go +++ b/credentials/credential.go @@ -12,6 +12,7 @@ import ( "github.com/alibabacloud-go/debug/debug" "github.com/alibabacloud-go/tea/tea" + "github.com/aliyun/credentials-go/credentials/internal/providers" "github.com/aliyun/credentials-go/credentials/internal/utils" "github.com/aliyun/credentials-go/credentials/request" "github.com/aliyun/credentials-go/credentials/response" @@ -231,22 +232,26 @@ func NewCredential(config *Config) (credential Credential, err error) { return } case "access_key": - err = checkAccessKey(config) + provider, err := providers.NewStaticAKCredentialsProviderBuilder(). + WithAccessKeyId(tea.StringValue(config.AccessKeyId)). + WithAccessKeySecret(tea.StringValue(config.AccessKeySecret)). + Build() if err != nil { - return + return nil, err } - credential = newAccessKeyCredential( - tea.StringValue(config.AccessKeyId), - tea.StringValue(config.AccessKeySecret)) + + credential = fromCredentialsProvider("access_key", provider) case "sts": - err = checkSTS(config) + provider, err := providers.NewStaticSTSCredentialsProviderBuilder(). + WithAccessKeyId(tea.StringValue(config.AccessKeyId)). + WithAccessKeySecret(tea.StringValue(config.AccessKeySecret)). + WithSecurityToken(tea.StringValue(config.SecurityToken)). + Build() if err != nil { - return + return nil, err } - credential = NewStaticSTSCredentialsProvider( - tea.StringValue(config.AccessKeyId), - tea.StringValue(config.AccessKeySecret), - tea.StringValue(config.SecurityToken)) + + credential = fromCredentialsProvider("sts", provider) case "ecs_ram_role": runtime := &utils.Runtime{ Host: tea.StringValue(config.Host), @@ -373,34 +378,6 @@ func checkRAMRoleArn(config *Config) (err error) { return } -func checkSTS(config *Config) (err error) { - if tea.StringValue(config.AccessKeyId) == "" { - err = errors.New("AccessKeyId cannot be empty") - return - } - if tea.StringValue(config.AccessKeySecret) == "" { - err = errors.New("AccessKeySecret cannot be empty") - return - } - if tea.StringValue(config.SecurityToken) == "" { - err = errors.New("SecurityToken cannot be empty") - return - } - return -} - -func checkAccessKey(config *Config) (err error) { - if tea.StringValue(config.AccessKeyId) == "" { - err = errors.New("AccessKeyId cannot be empty") - return - } - if tea.StringValue(config.AccessKeySecret) == "" { - err = errors.New("AccessKeySecret cannot be empty") - return - } - return -} - func doAction(request *request.CommonRequest, runtime *utils.Runtime) (content []byte, err error) { var urlEncoded string if request.BodyParams != nil { @@ -458,3 +435,65 @@ func doAction(request *request.CommonRequest, runtime *utils.Runtime) (content [ } return resp.GetHTTPContentBytes(), nil } + +type credentialsProviderWrap struct { + typeName string + provider providers.CredentialsProvider +} + +func (cp *credentialsProviderWrap) GetAccessKeyId() (accessKeyId *string, err error) { + cc, err := cp.provider.GetCredentials() + if err != nil { + return + } + accessKeyId = &cc.AccessKeyId + return +} + +func (cp *credentialsProviderWrap) GetAccessKeySecret() (accessKeySecret *string, err error) { + cc, err := cp.provider.GetCredentials() + if err != nil { + return + } + accessKeySecret = &cc.AccessKeySecret + return +} + +func (cp *credentialsProviderWrap) GetSecurityToken() (securityToken *string, err error) { + cc, err := cp.provider.GetCredentials() + if err != nil { + return + } + securityToken = &cc.SecurityToken + return +} + +func (cp *credentialsProviderWrap) GetBearerToken() (bearerToken *string) { + return tea.String("") +} + +func (cp *credentialsProviderWrap) GetCredential() (cm *CredentialModel, err error) { + c, err := cp.provider.GetCredentials() + if err != nil { + return + } + + cm = &CredentialModel{ + AccessKeyId: &c.AccessKeyId, + AccessKeySecret: &c.AccessKeySecret, + SecurityToken: &c.SecurityToken, + Type: &c.ProviderName, + } + return +} + +func (cp *credentialsProviderWrap) GetType() *string { + return &cp.typeName +} + +func fromCredentialsProvider(typeName string, cp providers.CredentialsProvider) Credential { + return &credentialsProviderWrap{ + typeName: typeName, + provider: cp, + } +} diff --git a/credentials/credential_test.go b/credentials/credential_test.go index a33dbbc..ff9d805 100644 --- a/credentials/credential_test.go +++ b/credentials/credential_test.go @@ -47,14 +47,23 @@ func TestNewCredentialWithAK(t *testing.T) { config.SetType("access_key") cred, err := NewCredential(config) assert.NotNil(t, err) - assert.Equal(t, "AccessKeyId cannot be empty", err.Error()) + assert.Equal(t, "the access key id is empty", err.Error()) assert.Nil(t, cred) config.SetAccessKeyId("AccessKeyId") cred, err = NewCredential(config) assert.NotNil(t, err) - assert.Equal(t, "AccessKeySecret cannot be empty", err.Error()) + assert.Equal(t, "the access key secret is empty", err.Error()) assert.Nil(t, cred) + + config.SetAccessKeySecret("AccessKeySecret") + cred, err = NewCredential(config) + assert.Nil(t, err) + cm, err := cred.GetCredential() + assert.Nil(t, err) + assert.Equal(t, "AccessKeyId", *cm.AccessKeyId) + assert.Equal(t, "AccessKeySecret", *cm.AccessKeySecret) + assert.Equal(t, "", *cm.SecurityToken) } func TestNewCredentialWithSts(t *testing.T) { @@ -64,19 +73,19 @@ func TestNewCredentialWithSts(t *testing.T) { config.SetAccessKeyId("") cred, err := NewCredential(config) assert.NotNil(t, err) - assert.Equal(t, "AccessKeyId cannot be empty", err.Error()) + assert.Equal(t, "the access key id is empty", err.Error()) assert.Nil(t, cred) config.SetAccessKeyId("akid") cred, err = NewCredential(config) assert.NotNil(t, err) - assert.Equal(t, "AccessKeySecret cannot be empty", err.Error()) + assert.Equal(t, "the access key secret is empty", err.Error()) assert.Nil(t, cred) config.SetAccessKeySecret("aksecret") cred, err = NewCredential(config) assert.NotNil(t, err) - assert.Equal(t, "SecurityToken cannot be empty", err.Error()) + assert.Equal(t, "the security token is empty", err.Error()) assert.Nil(t, cred) config.SetSecurityToken("SecurityToken") diff --git a/credentials/internal/providers/credentials.go b/credentials/internal/providers/credentials.go new file mode 100644 index 0000000..26592fd --- /dev/null +++ b/credentials/internal/providers/credentials.go @@ -0,0 +1,22 @@ +package providers + +// 下一版本 Credentials 包 +// - 分离 bearer token +// - 从 config 传递迁移到真正的 credentials provider 模式 +// - 删除 GetAccessKeyId()/GetAccessKeySecret()/GetSecurityToken() 方法,只保留 GetCredentials() + +// The credentials struct +type Credentials struct { + AccessKeyId string + AccessKeySecret string + SecurityToken string + ProviderName string +} + +// The credentials provider interface, return credentials and provider name +type CredentialsProvider interface { + // Get credentials + GetCredentials() (*Credentials, error) + // Get credentials provider name + GetProviderName() string +} diff --git a/credentials/internal/providers/static_ak.go b/credentials/internal/providers/static_ak.go new file mode 100644 index 0000000..bd3660c --- /dev/null +++ b/credentials/internal/providers/static_ak.go @@ -0,0 +1,67 @@ +package providers + +import ( + "errors" + "os" +) + +type StaticAKCredentialsProvider struct { + accessKeyId string + accessKeySecret string +} + +type StaticAKCredentialsProviderBuilder struct { + provider *StaticAKCredentialsProvider +} + +func NewStaticAKCredentialsProviderBuilder() *StaticAKCredentialsProviderBuilder { + return &StaticAKCredentialsProviderBuilder{ + provider: &StaticAKCredentialsProvider{}, + } +} + +func (builder *StaticAKCredentialsProviderBuilder) WithAccessKeyId(accessKeyId string) *StaticAKCredentialsProviderBuilder { + builder.provider.accessKeyId = accessKeyId + return builder +} + +func (builder *StaticAKCredentialsProviderBuilder) WithAccessKeySecret(accessKeySecret string) *StaticAKCredentialsProviderBuilder { + builder.provider.accessKeySecret = accessKeySecret + return builder +} + +func (builder *StaticAKCredentialsProviderBuilder) Build() (provider *StaticAKCredentialsProvider, err error) { + if builder.provider.accessKeyId == "" { + builder.provider.accessKeyId = os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_ID") + } + + if builder.provider.accessKeyId == "" { + err = errors.New("the access key id is empty") + return + } + + if builder.provider.accessKeySecret == "" { + builder.provider.accessKeySecret = os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET") + } + + if builder.provider.accessKeySecret == "" { + err = errors.New("the access key secret is empty") + return + } + + provider = builder.provider + return +} + +func (provider *StaticAKCredentialsProvider) GetCredentials() (cc *Credentials, err error) { + cc = &Credentials{ + AccessKeyId: provider.accessKeyId, + AccessKeySecret: provider.accessKeySecret, + ProviderName: provider.GetProviderName(), + } + return +} + +func (provider *StaticAKCredentialsProvider) GetProviderName() string { + return "static_ak" +} diff --git a/credentials/internal/providers/static_ak_test.go b/credentials/internal/providers/static_ak_test.go new file mode 100644 index 0000000..935a072 --- /dev/null +++ b/credentials/internal/providers/static_ak_test.go @@ -0,0 +1,56 @@ +package providers + +import ( + "os" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestStaticAKCredentialsProvider(t *testing.T) { + _, err := NewStaticAKCredentialsProviderBuilder(). + Build() + assert.EqualError(t, err, "the access key id is empty") + + _, err = NewStaticAKCredentialsProviderBuilder(). + WithAccessKeyId("akid"). + Build() + assert.EqualError(t, err, "the access key secret is empty") + + provider, err := NewStaticAKCredentialsProviderBuilder(). + WithAccessKeyId("accessKeyId"). + WithAccessKeySecret("accessKeySecret"). + Build() + assert.Nil(t, err) + assert.Equal(t, "static_ak", provider.GetProviderName()) + + cred, err := provider.GetCredentials() + assert.Nil(t, err) + assert.Equal(t, "accessKeyId", cred.AccessKeyId) + assert.Equal(t, "accessKeySecret", cred.AccessKeySecret) + assert.Equal(t, "", cred.SecurityToken) + assert.Equal(t, "static_ak", cred.ProviderName) +} + +func TestStaticAKCredentialsProviderWithEnv(t *testing.T) { + originAKID := os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_ID") + originAKSecret := os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET") + defer func() { + os.Setenv("ALIBABA_CLOUD_ACCESS_KEY_ID", originAKID) + os.Setenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET", originAKSecret) + }() + + os.Setenv("ALIBABA_CLOUD_ACCESS_KEY_ID", "akid_from_env") + os.Setenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET", "aksecret_from_env") + provider, err := NewStaticAKCredentialsProviderBuilder(). + Build() + assert.Nil(t, err) + assert.Equal(t, "static_ak", provider.GetProviderName()) + + cred, err := provider.GetCredentials() + assert.Nil(t, err) + assert.Equal(t, "akid_from_env", cred.AccessKeyId) + assert.Equal(t, "aksecret_from_env", cred.AccessKeySecret) + assert.Equal(t, "", cred.SecurityToken) + assert.Equal(t, "static_ak", cred.ProviderName) +} diff --git a/credentials/internal/providers/static_sts.go b/credentials/internal/providers/static_sts.go new file mode 100644 index 0000000..ad57151 --- /dev/null +++ b/credentials/internal/providers/static_sts.go @@ -0,0 +1,83 @@ +package providers + +import ( + "errors" + "os" +) + +type StaticSTSCredentialsProvider struct { + accessKeyId string + accessKeySecret string + securityToken string +} + +type StaticSTSCredentialsProviderBuilder struct { + provider *StaticSTSCredentialsProvider +} + +func NewStaticSTSCredentialsProviderBuilder() *StaticSTSCredentialsProviderBuilder { + return &StaticSTSCredentialsProviderBuilder{ + provider: &StaticSTSCredentialsProvider{}, + } +} + +func (builder *StaticSTSCredentialsProviderBuilder) WithAccessKeyId(accessKeyId string) *StaticSTSCredentialsProviderBuilder { + builder.provider.accessKeyId = accessKeyId + return builder +} + +func (builder *StaticSTSCredentialsProviderBuilder) WithAccessKeySecret(accessKeySecret string) *StaticSTSCredentialsProviderBuilder { + builder.provider.accessKeySecret = accessKeySecret + return builder +} + +func (builder *StaticSTSCredentialsProviderBuilder) WithSecurityToken(securityToken string) *StaticSTSCredentialsProviderBuilder { + builder.provider.securityToken = securityToken + return builder +} + +func (builder *StaticSTSCredentialsProviderBuilder) Build() (provider *StaticSTSCredentialsProvider, err error) { + if builder.provider.accessKeyId == "" { + builder.provider.accessKeyId = os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_ID") + } + + if builder.provider.accessKeyId == "" { + err = errors.New("the access key id is empty") + return + } + + if builder.provider.accessKeySecret == "" { + builder.provider.accessKeySecret = os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET") + } + + if builder.provider.accessKeySecret == "" { + err = errors.New("the access key secret is empty") + return + } + + if builder.provider.securityToken == "" { + builder.provider.securityToken = os.Getenv("ALIBABA_CLOUD_SECURITY_TOKEN") + } + + if builder.provider.securityToken == "" { + err = errors.New("the security token is empty") + return + } + + provider = builder.provider + return +} + +func (provider *StaticSTSCredentialsProvider) GetCredentials() (cc *Credentials, err error) { + cc = &Credentials{ + AccessKeyId: provider.accessKeyId, + AccessKeySecret: provider.accessKeySecret, + SecurityToken: provider.securityToken, + ProviderName: provider.GetProviderName(), + } + return +} + +func (provider *StaticSTSCredentialsProvider) GetProviderName() string { + return "static_sts" +} diff --git a/credentials/internal/providers/static_sts_test.go b/credentials/internal/providers/static_sts_test.go new file mode 100644 index 0000000..d70041d --- /dev/null +++ b/credentials/internal/providers/static_sts_test.go @@ -0,0 +1,66 @@ +package providers + +import ( + "os" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestStaticSTSCredentialsProvider(t *testing.T) { + _, err := NewStaticSTSCredentialsProviderBuilder(). + Build() + assert.EqualError(t, err, "the access key id is empty") + + _, err = NewStaticSTSCredentialsProviderBuilder(). + WithAccessKeyId("akid"). + Build() + assert.EqualError(t, err, "the access key secret is empty") + + _, err = NewStaticSTSCredentialsProviderBuilder(). + WithAccessKeyId("akid"). + WithAccessKeySecret("aksecret"). + Build() + assert.EqualError(t, err, "the security token is empty") + + provider, err := NewStaticSTSCredentialsProviderBuilder(). + WithAccessKeyId("accessKeyId"). + WithAccessKeySecret("accessKeySecret"). + WithSecurityToken("securityToken"). + Build() + assert.Nil(t, err) + assert.Equal(t, "static_sts", provider.GetProviderName()) + + cred, err := provider.GetCredentials() + assert.Nil(t, err) + assert.Equal(t, "accessKeyId", cred.AccessKeyId) + assert.Equal(t, "accessKeySecret", cred.AccessKeySecret) + assert.Equal(t, "securityToken", cred.SecurityToken) + assert.Equal(t, "static_sts", cred.ProviderName) +} + +func TestStaticSTSCredentialsProviderWithEnv(t *testing.T) { + originAKID := os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_ID") + originAKSecret := os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET") + originToken := os.Getenv("ALIBABA_CLOUD_SECURITY_TOKEN") + defer func() { + os.Setenv("ALIBABA_CLOUD_ACCESS_KEY_ID", originAKID) + os.Setenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET", originAKSecret) + os.Setenv("ALIBABA_CLOUD_SECURITY_TOKEN", originToken) + }() + + os.Setenv("ALIBABA_CLOUD_ACCESS_KEY_ID", "akid_from_env") + os.Setenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET", "aksecret_from_env") + os.Setenv("ALIBABA_CLOUD_SECURITY_TOKEN", "token_from_env") + provider, err := NewStaticSTSCredentialsProviderBuilder(). + Build() + assert.Nil(t, err) + assert.Equal(t, "static_sts", provider.GetProviderName()) + + cred, err := provider.GetCredentials() + assert.Nil(t, err) + assert.Equal(t, "akid_from_env", cred.AccessKeyId) + assert.Equal(t, "aksecret_from_env", cred.AccessKeySecret) + assert.Equal(t, "token_from_env", cred.SecurityToken) + assert.Equal(t, "static_sts", cred.ProviderName) +} diff --git a/credentials/static_ak_credentials_provider.go b/credentials/static_ak_credentials_provider.go deleted file mode 100644 index 56933ae..0000000 --- a/credentials/static_ak_credentials_provider.go +++ /dev/null @@ -1,50 +0,0 @@ -package credentials - -import "github.com/alibabacloud-go/tea/tea" - -// StaticAKCredentialsProvider is a kind of credentials provider -type StaticAKCredentialsProvider struct { - AccessKeyId string - AccessKeySecret string -} - -func newAccessKeyCredential(accessKeyId, accessKeySecret string) *StaticAKCredentialsProvider { - return &StaticAKCredentialsProvider{ - AccessKeyId: accessKeyId, - AccessKeySecret: accessKeySecret, - } -} - -func (s *StaticAKCredentialsProvider) GetCredential() (*CredentialModel, error) { - credential := &CredentialModel{ - AccessKeyId: tea.String(s.AccessKeyId), - AccessKeySecret: tea.String(s.AccessKeySecret), - Type: tea.String("access_key"), - } - return credential, nil -} - -// GetAccessKeyId reutrns AccessKeyCreential's AccessKeyId -func (a *StaticAKCredentialsProvider) GetAccessKeyId() (*string, error) { - return tea.String(a.AccessKeyId), nil -} - -// GetAccessSecret reutrns AccessKeyCreential's AccessKeySecret -func (a *StaticAKCredentialsProvider) GetAccessKeySecret() (*string, error) { - return tea.String(a.AccessKeySecret), nil -} - -// GetSecurityToken is useless for AccessKeyCreential -func (a *StaticAKCredentialsProvider) GetSecurityToken() (*string, error) { - return tea.String(""), nil -} - -// GetBearerToken is useless for AccessKeyCreential -func (a *StaticAKCredentialsProvider) GetBearerToken() *string { - return tea.String("") -} - -// GetType reutrns AccessKeyCreential's type -func (a *StaticAKCredentialsProvider) GetType() *string { - return tea.String("access_key") -} diff --git a/credentials/static_ak_credentials_provider_test.go b/credentials/static_ak_credentials_provider_test.go deleted file mode 100644 index ca0d337..0000000 --- a/credentials/static_ak_credentials_provider_test.go +++ /dev/null @@ -1,34 +0,0 @@ -package credentials - -import ( - "testing" - - "github.com/stretchr/testify/assert" -) - -func Test_AccessKeyCredential(t *testing.T) { - auth := newAccessKeyCredential("accessKeyId", "accessKeySecret") - accessKeyId, err := auth.GetAccessKeyId() - assert.Nil(t, err) - assert.Equal(t, "accessKeyId", *accessKeyId) - - accessKeySecret, err := auth.GetAccessKeySecret() - assert.Nil(t, err) - assert.Equal(t, "accessKeySecret", *accessKeySecret) - - token, err := auth.GetSecurityToken() - assert.Nil(t, err) - assert.Equal(t, "", *token) - - assert.Equal(t, "", *auth.GetBearerToken()) - - assert.Equal(t, "access_key", *auth.GetType()) - - cred, err := auth.GetCredential() - assert.Nil(t, err) - assert.Equal(t, "accessKeyId", *cred.AccessKeyId) - assert.Equal(t, "accessKeySecret", *cred.AccessKeySecret) - assert.Nil(t, cred.SecurityToken) - assert.Nil(t, cred.BearerToken) - assert.Equal(t, "access_key", *cred.Type) -} diff --git a/credentials/static_sts_credentials_provider.go b/credentials/static_sts_credentials_provider.go deleted file mode 100644 index a89ae57..0000000 --- a/credentials/static_sts_credentials_provider.go +++ /dev/null @@ -1,53 +0,0 @@ -package credentials - -import "github.com/alibabacloud-go/tea/tea" - -// StsTokenCredential is a kind of credentials provider -type StaticSTSCredentialsProvider struct { - AccessKeyId string - AccessKeySecret string - SecurityToken string -} - -func NewStaticSTSCredentialsProvider(accessKeyId, accessKeySecret, securityToken string) *StaticSTSCredentialsProvider { - return &StaticSTSCredentialsProvider{ - AccessKeyId: accessKeyId, - AccessKeySecret: accessKeySecret, - SecurityToken: securityToken, - } -} - -func (s *StaticSTSCredentialsProvider) GetCredential() (*CredentialModel, error) { - credential := &CredentialModel{ - AccessKeyId: tea.String(s.AccessKeyId), - AccessKeySecret: tea.String(s.AccessKeySecret), - SecurityToken: tea.String(s.SecurityToken), - Type: tea.String("sts"), - } - return credential, nil -} - -// GetAccessKeyId reutrns StsTokenCredential's AccessKeyId -func (s *StaticSTSCredentialsProvider) GetAccessKeyId() (*string, error) { - return tea.String(s.AccessKeyId), nil -} - -// GetAccessSecret reutrns StsTokenCredential's AccessKeySecret -func (s *StaticSTSCredentialsProvider) GetAccessKeySecret() (*string, error) { - return tea.String(s.AccessKeySecret), nil -} - -// GetSecurityToken reutrns StsTokenCredential's SecurityToken -func (s *StaticSTSCredentialsProvider) GetSecurityToken() (*string, error) { - return tea.String(s.SecurityToken), nil -} - -// GetBearerToken is useless StsTokenCredential -func (s *StaticSTSCredentialsProvider) GetBearerToken() *string { - return tea.String("") -} - -// GetType reutrns StsTokenCredential's type -func (s *StaticSTSCredentialsProvider) GetType() *string { - return tea.String("sts") -} diff --git a/credentials/static_sts_credentials_provider_test.go b/credentials/static_sts_credentials_provider_test.go deleted file mode 100644 index 396183a..0000000 --- a/credentials/static_sts_credentials_provider_test.go +++ /dev/null @@ -1,33 +0,0 @@ -package credentials - -import ( - "testing" - - "github.com/stretchr/testify/assert" -) - -func Test_StsCredential(t *testing.T) { - auth := NewStaticSTSCredentialsProvider("accessKeyId", "accessKeySecret", "securityToken") - accessKeyId, err := auth.GetAccessKeyId() - assert.Nil(t, err) - assert.Equal(t, "accessKeyId", *accessKeyId) - - accessKeySecret, err := auth.GetAccessKeySecret() - assert.Nil(t, err) - assert.Equal(t, "accessKeySecret", *accessKeySecret) - - token, err := auth.GetSecurityToken() - assert.Nil(t, err) - assert.Equal(t, "securityToken", *token) - - assert.Equal(t, "", *auth.GetBearerToken()) - assert.Equal(t, "sts", *auth.GetType()) - - cred, err := auth.GetCredential() - assert.Nil(t, err) - assert.Equal(t, "accessKeyId", *cred.AccessKeyId) - assert.Equal(t, "accessKeySecret", *cred.AccessKeySecret) - assert.Equal(t, "securityToken", *cred.SecurityToken) - assert.Nil(t, cred.BearerToken) - assert.Equal(t, "sts", *cred.Type) -}