From 8821911c65413a2f262dddf408e4b74c35a996fc Mon Sep 17 00:00:00 2001
From: Jackson Tian <shyvo1987@gmail.com>
Date: Thu, 29 Aug 2024 10:53:55 +0800
Subject: [PATCH 1/2] fix empty security token issue

---
 credentials/credential.go      | 2 +-
 credentials/credential_test.go | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/credentials/credential.go b/credentials/credential.go
index 76e96a8..5ffe6a1 100644
--- a/credentials/credential.go
+++ b/credentials/credential.go
@@ -259,7 +259,7 @@ func NewCredential(config *Config) (credential Credential, err error) {
 		credential = fromCredentialsProvider("ecs_ram_role", provider)
 	case "ram_role_arn":
 		var credentialsProvider providers.CredentialsProvider
-		if config.SecurityToken != nil {
+		if config.SecurityToken != nil && *config.SecurityToken != "" {
 			credentialsProvider, err = providers.NewStaticSTSCredentialsProviderBuilder().
 				WithAccessKeyId(tea.StringValue(config.AccessKeyId)).
 				WithAccessKeySecret(tea.StringValue(config.AccessKeySecret)).
diff --git a/credentials/credential_test.go b/credentials/credential_test.go
index c41f71c..b509c39 100644
--- a/credentials/credential_test.go
+++ b/credentials/credential_test.go
@@ -210,6 +210,12 @@ func TestNewCredentialWithRAMRoleARN(t *testing.T) {
 	cred, err = NewCredential(config)
 	assert.Nil(t, err)
 	assert.NotNil(t, cred)
+
+	// empty security token should ok
+	config.SetSecurityToken("")
+	cred, err = NewCredential(config)
+	assert.Nil(t, err)
+	assert.NotNil(t, cred)
 }
 
 func TestNewCredentialWithBearerToken(t *testing.T) {

From cede1961d155d6d0533959209778b4806888f8da Mon Sep 17 00:00:00 2001
From: Jackson Tian <shyvo1987@gmail.com>
Date: Thu, 29 Aug 2024 10:58:58 +0800
Subject: [PATCH 2/2] add test case for ram role arn with sts token

---
 credentials/credential_test.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/credentials/credential_test.go b/credentials/credential_test.go
index b509c39..6243914 100644
--- a/credentials/credential_test.go
+++ b/credentials/credential_test.go
@@ -216,6 +216,12 @@ func TestNewCredentialWithRAMRoleARN(t *testing.T) {
 	cred, err = NewCredential(config)
 	assert.Nil(t, err)
 	assert.NotNil(t, cred)
+
+	// with sts should ok
+	config.SetSecurityToken("securitytoken")
+	cred, err = NewCredential(config)
+	assert.Nil(t, err)
+	assert.NotNil(t, cred)
 }
 
 func TestNewCredentialWithBearerToken(t *testing.T) {