Merge pull request #5 from aliyun/support_get_role_name

Supported get Role Name automatically

CHANGELOG.md

@@ -1,4 +1,7 @@
 # CHANGELOG
 
+## 1.0.1 - 2019-12-30
+- Supported get `Role Name` automatically.
+
 ## 1.0.0 - 2019-09-01
 - Initial release of the Alibaba Cloud Credentials for PHP Version 1.0.0 on Packagist See <https://github.com/aliyun/credentials-php> for more information.

README-zh-CN.md

@@ -65,6 +65,9 @@ $ecsRamRole->getAccessKeyId();
 $ecsRamRole->getAccessKeySecret();
 $ecsRamRole->getSecurityToken();
 $ecsRamRole->getExpiration();
+$ecsRamRole->getRoleName();
+$ecsRamRole->getRoleNameFromMeta();
+// 注：`role_name` 非必填，不填则自动获取，建议设置，可以减少网络请求。
 
 
 // RAM Role ARN
@@ -112,7 +115,7 @@ access_key_secret = bar            # Secret
 
 [project1]
 type = ecs_ram_role                # 认证方式为 ecs_ram_role
-role_name = EcsRamRoleTest         # Role Name
+role_name = EcsRamRoleTest         # Role Name，非必填，不填则自动获取，建议设置，可以减少网络请求。
 
 [project2]
 type = ram_role_arn                # 认证方式为 ram_role_arn

README.md

@@ -26,6 +26,7 @@ If you have [Globally Install Composer](https://getcomposer.org/doc/00-intro.md#
 ```
 composer require alibabacloud/credentials
 ```
+> Some users may not be able to install due to network problems, you can switch to the [Alibaba Cloud Composer Mirror](https://developer.aliyun.com/composer).
 
 See [Installation](/docs/zh-CN/1-Installation.md) for details on installing through Composer and other means.
 
@@ -64,6 +65,9 @@ $ecsRamRole->getAccessKeyId();
 $ecsRamRole->getAccessKeySecret();
 $ecsRamRole->getSecurityToken();
 $ecsRamRole->getExpiration();
+$ecsRamRole->getRoleName();
+$ecsRamRole->getRoleNameFromMeta();
+// Note: `role_name` is optional. It will be retrieved automatically if not set. It is highly recommended to set it up to reduce requests.
 
 
 // RAM Role ARN
@@ -111,7 +115,7 @@ access_key_secret = bar            # Secret
 
 [project1]
 type = ecs_ram_role                # Authentication method is ecs_ram_role
-role_name = EcsRamRoleTest         # Role Name
+role_name = EcsRamRoleTest         # Role name, optional. It will be retrieved automatically if not set. It is highly recommended to set it up to reduce requests.
 
 [project2]
 type = ram_role_arn                # Authentication method is ram_role_arn
@@ -123,7 +127,7 @@ role_session_name = session_name
 [project3]
 type = rsa_key_pair                # Authentication method is rsa_key_pair
 public_key_id = publicKeyId        # Public Key ID
-private_key_file = /your/pk.pem    # Private Key 文件
+private_key_file = /your/pk.pem    # Private Key File
 ```
 
 ### 3. Instance RAM role

src/AccessKeyCredential.php

@@ -34,14 +34,6 @@ public function __construct($access_key_id, $access_key_secret)
         $this->accessKeySecret = $access_key_secret;
     }
 
-    /**
-     * @return ShaHmac1Signature
-     */
-    public function getSignature()
-    {
-        return new ShaHmac1Signature();
-    }
-
     /**
      * @return string
      */
@@ -65,4 +57,12 @@ public function __toString()
     {
         return "$this->accessKeyId#$this->accessKeySecret";
     }
+
+    /**
+     * @return ShaHmac1Signature
+     */
+    public function getSignature()
+    {
+        return new ShaHmac1Signature();
+    }
 }

src/BearerTokenCredential.php

@@ -10,7 +10,6 @@
 class BearerTokenCredential implements CredentialsInterface
 {
 
-
     /**
      * @var string
      */
@@ -28,14 +27,6 @@ public function __construct($bearerToken)
         $this->bearerToken = $bearerToken;
     }
 
-    /**
-     * @return BearerTokenSignature
-     */
-    public function getSignature()
-    {
-        return new BearerTokenSignature();
-    }
-
     /**
      * @return string
      */
@@ -51,4 +42,12 @@ public function __toString()
     {
         return "bearerToken#$this->bearerToken";
     }
+
+    /**
+     * @return BearerTokenSignature
+     */
+    public function getSignature()
+    {
+        return new BearerTokenSignature();
+    }
 }

src/Credential.php

@@ -2,10 +2,10 @@
 
 namespace AlibabaCloud\Credentials;
 
+use InvalidArgumentException;
 use ReflectionClass;
-use ReflectionParameter;
 use ReflectionException;
-use InvalidArgumentException;
+use ReflectionParameter;
 
 /**
  * Class Credential
@@ -63,14 +63,6 @@ public function __construct(array $config = [])
         }
     }
 
-    /**
-     * @return AccessKeyCredential|BearerTokenCredential|EcsRamRoleCredential|RamRoleArnCredential|RsaKeyPairCredential
-     */
-    public function getCredential()
-    {
-        return $this->credential;
-    }
-
     /**
      * @throws ReflectionException
      */
@@ -125,6 +117,14 @@ protected function getValue(ReflectionParameter $parameter)
         throw new InvalidArgumentException("Missing required {$parameter->name} option in config for {$this->type}");
     }
 
+    /**
+     * @return AccessKeyCredential|BearerTokenCredential|EcsRamRoleCredential|RamRoleArnCredential|RsaKeyPairCredential
+     */
+    public function getCredential()
+    {
+        return $this->credential;
+    }
+
     /**
      * @return array
      */

src/Credentials.php

@@ -2,9 +2,9 @@
 
 namespace AlibabaCloud\Credentials;
 
-use RuntimeException;
-use ReflectionException;
 use AlibabaCloud\Credentials\Providers\ChainProvider;
+use ReflectionException;
+use RuntimeException;
 
 /**
  * Class Credentials
@@ -58,6 +58,20 @@ private static function load()
         }
     }
 
+    /**
+     * Determine whether there is a credential.
+     *
+     * @param string $name
+     *
+     * @return bool
+     */
+    public static function has($name)
+    {
+        Filter::credentialName($name);
+
+        return isset(self::$credentials[\strtolower($name)]);
+    }
+
     public static function flush()
     {
         self::$credentials = [];
@@ -75,20 +89,6 @@ public static function all()
         return self::$credentials;
     }
 
-    /**
-     * Determine whether there is a credential.
-     *
-     * @param string $name
-     *
-     * @return bool
-     */
-    public static function has($name)
-    {
-        Filter::credentialName($name);
-
-        return isset(self::$credentials[\strtolower($name)]);
-    }
-
     /**
      * @param string $name
      * @param array  $credential

src/EcsRamRoleCredential.php

@@ -2,10 +2,13 @@
 
 namespace AlibabaCloud\Credentials;
 
+use AlibabaCloud\Credentials\Providers\EcsRamRoleProvider;
+use AlibabaCloud\Credentials\Request\Request;
+use AlibabaCloud\Credentials\Signature\ShaHmac1Signature;
 use Exception;
 use GuzzleHttp\Exception\GuzzleException;
-use AlibabaCloud\Credentials\Signature\ShaHmac1Signature;
-use AlibabaCloud\Credentials\Providers\EcsRamRoleProvider;
+use InvalidArgumentException;
+use RuntimeException;
 
 /**
  * Use the RAM role of an ECS instance to complete the authentication.
@@ -23,27 +26,61 @@ class EcsRamRoleCredential implements CredentialsInterface
      *
      * @param $role_name
      */
-    public function __construct($role_name)
+    public function __construct($role_name = null)
     {
         Filter::roleName($role_name);
 
         $this->roleName = $role_name;
     }
 
     /**
-     * @return ShaHmac1Signature
+     * @return string
+     * @throws GuzzleException
+     * @throws Exception
      */
-    public function getSignature()
+    public function getRoleName()
     {
-        return new ShaHmac1Signature();
+        if ($this->roleName !== null) {
+            return $this->roleName;
+        }
+
+        $this->roleName = $this->getRoleNameFromMeta();
+
+        return $this->roleName;
     }
 
     /**
      * @return string
+     * @throws Exception
      */
-    public function getRoleName()
+    public function getRoleNameFromMeta()
     {
-        return $this->roleName;
+        $options = [
+            'http_errors'     => false,
+            'timeout'         => 1,
+            'connect_timeout' => 1,
+        ];
+
+        $result = Request::createClient()->request(
+            'GET',
+            'http://100.100.100.200/latest/meta-data/ram/security-credentials/',
+            $options
+        );
+
+        if ($result->getStatusCode() === 404) {
+            throw new InvalidArgumentException('The role name was not found in the instance');
+        }
+
+        if ($result->getStatusCode() !== 200) {
+            throw new RuntimeException('Error retrieving credentials from result: ' . $result->getBody());
+        }
+
+        $role_name = (string)$result;
+        if (!$role_name) {
+            throw new RuntimeException('Error retrieving credentials from result is empty');
+        }
+
+        return $role_name;
     }
 
     /**
@@ -54,6 +91,14 @@ public function __toString()
         return "roleName#$this->roleName";
     }
 
+    /**
+     * @return ShaHmac1Signature
+     */
+    public function getSignature()
+    {
+        return new ShaHmac1Signature();
+    }
+
     /**
      * @return string
      * @throws Exception

src/Filter.php

@@ -82,21 +82,21 @@ public static function privateKeyFile($privateKeyFile)
     }
 
     /**
-     * @param $role_name
-     *
-     * @return string
+     * @param string|null $role_name
      */
     public static function roleName($role_name)
     {
+        if ($role_name === null) {
+            return;
+        }
+
         if (!is_string($role_name)) {
             throw new InvalidArgumentException('role_name must be a string');
         }
 
         if ($role_name === '') {
             throw new InvalidArgumentException('role_name cannot be empty');
         }
-
-        return $role_name;
     }
 
     /**

src/Helper.php

@@ -125,22 +125,6 @@ public static function env($key, $default = null)
         return self::envConversion($value);
     }
 
-    /**
-     * Gets the environment's HOME directory.
-     *
-     * @return null|string
-     */
-    public static function getHomeDirectory()
-    {
-        if (getenv('HOME')) {
-            return getenv('HOME');
-        }
-
-        return (getenv('HOMEDRIVE') && getenv('HOMEPATH'))
-            ? getenv('HOMEDRIVE') . getenv('HOMEPATH')
-            : null;
-    }
-
     /**
      * Return the default value of the given value.
      *
@@ -190,6 +174,22 @@ public static function envConversion($value)
         return isset($list[$key]) ? $list[$key] : $value;
     }
 
+    /**
+     * Gets the environment's HOME directory.
+     *
+     * @return null|string
+     */
+    public static function getHomeDirectory()
+    {
+        if (getenv('HOME')) {
+            return getenv('HOME');
+        }
+
+        return (getenv('HOMEDRIVE') && getenv('HOMEPATH'))
+            ? getenv('HOMEDRIVE') . getenv('HOMEPATH')
+            : null;
+    }
+
     /**
      * @param mixed ...$parameters
      *