-
Notifications
You must be signed in to change notification settings - Fork 227
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
support for credential providers. (#518)
- Loading branch information
Showing
10 changed files
with
401 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| /* | ||
| * MinIO .NET Library for Amazon S3 Compatible Cloud Storage, | ||
| * (C) 2021 MinIO, Inc. | ||
| * | ||
| * Licensed under the Apache License, Version 2.0 (the "License"); | ||
| * you may not use this file except in compliance with the License. | ||
| * You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| using System; | ||
| using System.Threading.Tasks; | ||
|
|
||
| using Minio.Credentials; | ||
| using Minio.DataModel; | ||
| using Minio.Exceptions; | ||
|
|
||
| namespace Minio.Examples.Cases | ||
| { | ||
| public class ChainedCredentialProvider | ||
| { | ||
| // Establish Credentials with AWS Session token | ||
| public async static Task Run() | ||
| { | ||
| ChainedProvider provider = new ChainedProvider() | ||
| .AddProviders(new ClientProvider[]{new AWSEnvironmentProvider(), new MinioEnvironmentProvider()}); | ||
| //Chained provider definition here. | ||
| MinioClient minioClient = new MinioClient() | ||
| .WithEndpoint("s3.amazonaws.com") | ||
| .WithSSL() | ||
| .WithCredentialsProvider(provider) | ||
| .Build(); | ||
| try | ||
| { | ||
| StatObjectArgs statObjectArgs = new StatObjectArgs() | ||
| .WithBucket("my-bucket-name") | ||
| .WithObject("my-object-name"); | ||
| ObjectStat result = await minioClient.StatObjectAsync(statObjectArgs); | ||
| } | ||
| catch (MinioException me) | ||
| { | ||
| Console.WriteLine($"[Bucket] ChainedCredentialProvider example case encountered Exception: {me}"); | ||
| } | ||
| catch (Exception e) | ||
| { | ||
| Console.WriteLine($"[Bucket] ChainedCredentialProvider example case encountered Exception: {e}"); | ||
| } | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| /* | ||
| * MinIO .NET Library for Amazon S3 Compatible Cloud Storage, | ||
| * (C) 2021 MinIO, Inc. | ||
| * | ||
| * Licensed under the Apache License, Version 2.0 (the "License"); | ||
| * you may not use this file except in compliance with the License. | ||
| * You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
|
|
||
| using System; | ||
| using System.Threading.Tasks; | ||
| using Minio.DataModel; | ||
|
|
||
| namespace Minio.Credentials | ||
| { | ||
| public class AWSEnvironmentProvider : EnvironmentProvider | ||
| { | ||
| public override AccessCredentials GetCredentials() | ||
| { | ||
| AccessCredentials credentials = new AccessCredentials(GetAccessKey(), GetSecretKey(), GetEnvironmentVariable("AWS_SESSION_TOKEN"), default(DateTime)); | ||
| return credentials; | ||
| } | ||
|
|
||
| public override Task<AccessCredentials> GetCredentialsAsync() | ||
| { | ||
| throw new InvalidOperationException("Please use the non-async function GetCredentials()"); | ||
| } | ||
|
|
||
| protected string GetAccessKey() | ||
| { | ||
| string accessKey = Environment.GetEnvironmentVariable("AWS_ACCESS_KEY_ID"); | ||
| if (string.IsNullOrEmpty(accessKey) || string.IsNullOrWhiteSpace(accessKey)) | ||
| { | ||
| accessKey = Environment.GetEnvironmentVariable("AWS_ACCESS_KEY"); | ||
| } | ||
| return accessKey; | ||
| } | ||
|
|
||
| protected string GetSecretKey() | ||
| { | ||
| string secretKey = Environment.GetEnvironmentVariable("AWS_SECRET_ACCESS_KEY"); | ||
| if (string.IsNullOrEmpty(secretKey) || string.IsNullOrWhiteSpace(secretKey)) | ||
| { | ||
| secretKey = Environment.GetEnvironmentVariable("AWS_SECRET_KEY"); | ||
| } | ||
| return secretKey; | ||
| } | ||
|
|
||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,80 @@ | ||
| /* | ||
| * MinIO .NET Library for Amazon S3 Compatible Cloud Storage, | ||
| * (C) 2021 MinIO, Inc. | ||
| * | ||
| * Licensed under the Apache License, Version 2.0 (the "License"); | ||
| * you may not use this file except in compliance with the License. | ||
| * You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
|
|
||
| using System; | ||
| using System.Collections.Generic; | ||
| using System.Linq; | ||
| using System.Threading.Tasks; | ||
| using Minio.DataModel; | ||
|
|
||
| namespace Minio.Credentials | ||
| { | ||
| public class ChainedProvider : ClientProvider | ||
| { | ||
| internal List<ClientProvider> Providers { get; set; } | ||
| internal ClientProvider CurrentProvider { get; set; } | ||
| internal AccessCredentials Credentials { get; set; } | ||
|
|
||
| public ChainedProvider() | ||
| { | ||
| this.Providers = new List<ClientProvider>(); | ||
| } | ||
|
|
||
| public ChainedProvider AddProvider(ClientProvider provider) | ||
| { | ||
| this.Providers.Add(provider); | ||
| return this; | ||
| } | ||
|
|
||
| public ChainedProvider AddProviders(ClientProvider[] providers) | ||
| { | ||
| this.Providers.AddRange(providers.ToList()); | ||
| return this; | ||
| } | ||
|
|
||
| public override AccessCredentials GetCredentials() | ||
| { | ||
| if (this.Credentials != null && !this.Credentials.AreExpired()) | ||
| { | ||
| return this.Credentials; | ||
| } | ||
| if (this.CurrentProvider != null && !this.Credentials.AreExpired()) | ||
| { | ||
| this.Credentials = this.CurrentProvider.GetCredentials(); | ||
| return this.CurrentProvider.GetCredentials(); | ||
| } | ||
| foreach (var provider in this.Providers) | ||
| { | ||
| var credentials = provider.GetCredentials(); | ||
| if (credentials != null && !credentials.AreExpired()) | ||
| { | ||
| this.CurrentProvider = provider; | ||
| this.Credentials = credentials; | ||
| return credentials; | ||
| } | ||
| } | ||
| throw new InvalidOperationException("None of the assigned providers were able to provide valid credentials."); | ||
| } | ||
|
|
||
| public override async Task<AccessCredentials> GetCredentialsAsync() | ||
| { | ||
| AccessCredentials credentials = this.GetCredentials(); | ||
| await Task.Yield(); | ||
| return credentials; | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| /* | ||
| * MinIO .NET Library for Amazon S3 Compatible Cloud Storage, | ||
| * (C) 2021 MinIO, Inc. | ||
| * | ||
| * Licensed under the Apache License, Version 2.0 (the "License"); | ||
| * you may not use this file except in compliance with the License. | ||
| * You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
|
|
||
| using System; | ||
|
|
||
| namespace Minio.Credentials | ||
| { | ||
| public abstract class EnvironmentProvider : ClientProvider | ||
| { | ||
| internal string GetEnvironmentVariable(string env) | ||
| { | ||
| return Environment.GetEnvironmentVariable(env); | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| /* | ||
| * MinIO .NET Library for Amazon S3 Compatible Cloud Storage, | ||
| * (C) 2021 MinIO, Inc. | ||
| * | ||
| * Licensed under the Apache License, Version 2.0 (the "License"); | ||
| * you may not use this file except in compliance with the License. | ||
| * You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
|
|
||
| using System.Threading.Tasks; | ||
| using Minio.DataModel; | ||
|
|
||
| namespace Minio.Credentials | ||
| { | ||
| public abstract class ClientProvider | ||
| { | ||
| public abstract AccessCredentials GetCredentials(); | ||
| public abstract Task<AccessCredentials> GetCredentialsAsync(); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| /* | ||
| * MinIO .NET Library for Amazon S3 Compatible Cloud Storage, | ||
| * (C) 2021 MinIO, Inc. | ||
| * | ||
| * Licensed under the Apache License, Version 2.0 (the "License"); | ||
| * you may not use this file except in compliance with the License. | ||
| * You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
|
|
||
| using System; | ||
| using System.Threading.Tasks; | ||
|
|
||
| using Minio.DataModel; | ||
|
|
||
| namespace Minio.Credentials | ||
| { | ||
| public class MinioEnvironmentProvider : EnvironmentProvider | ||
| { | ||
| public override AccessCredentials GetCredentials() | ||
| { | ||
| AccessCredentials credentials = new AccessCredentials(GetEnvironmentVariable("MINIO_ACCESS_KEY"), GetEnvironmentVariable("MINIO_SECRET_KEY"), null, default(DateTime)); | ||
| return credentials; | ||
| } | ||
|
|
||
| public override async Task<AccessCredentials> GetCredentialsAsync() | ||
| { | ||
| AccessCredentials credentials = this.GetCredentials(); | ||
| await Task.Yield(); | ||
| return credentials; | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| /* | ||
| * MinIO .NET Library for Amazon S3 Compatible Cloud Storage, | ||
| * (C) 2021 MinIO, Inc. | ||
| * | ||
| * Licensed under the Apache License, Version 2.0 (the "License"); | ||
| * you may not use this file except in compliance with the License. | ||
| * You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
|
|
||
| using System; | ||
| using System.Xml.Serialization; | ||
|
|
||
| namespace Minio.DataModel | ||
| { | ||
| [Serializable] | ||
| [XmlRoot(ElementName = "Credentials")] | ||
| public class AccessCredentials | ||
| { | ||
| [XmlElement(ElementName = "AccessKeyId", IsNullable = true)] | ||
| public string AccessKey { get; set; } | ||
| [XmlElement(ElementName = "SecretAccessKey", IsNullable = true)] | ||
| public string SecretKey { get; set; } | ||
| [XmlElement(ElementName = "SessionToken", IsNullable = true)] | ||
| public string SessionToken { get; set; } | ||
| // Needs to be stored in ISO8601 format from Datetime | ||
| [XmlElement(ElementName = "Expiration", IsNullable = true)] | ||
| public string Expiration { get; set; } | ||
| public AccessCredentials(string accessKey, string secretKey, | ||
| string sessionToken, DateTime expiration) | ||
| { | ||
| if (string.IsNullOrEmpty(accessKey) || string.IsNullOrEmpty(secretKey) || | ||
| string.IsNullOrWhiteSpace(accessKey) || string.IsNullOrWhiteSpace(secretKey)) | ||
| { | ||
| throw new ArgumentNullException(nameof(this.AccessKey) + " and " + nameof(this.SecretKey) + " cannot be null or empty."); | ||
| } | ||
| this.AccessKey = accessKey; | ||
| this.SecretKey = secretKey; | ||
| this.SessionToken = sessionToken; | ||
| this.Expiration = (expiration.Equals(default(DateTime)))?null:utils.To8601String(expiration); | ||
| } | ||
|
|
||
| public bool AreExpired() | ||
| { | ||
| if (string.IsNullOrEmpty(this.Expiration)) | ||
| { | ||
| return false; | ||
| } | ||
| DateTime expiry = utils.From8601String(this.Expiration); | ||
| return DateTime.Now.CompareTo(expiry) > 0; | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.