in src/main/java/com/aliyuncs/kms/secretsmanager/client/utils/CredentialsPropertiesUtils.java [134:180]
private static void initCredentialsProvider(CredentialsProperties credentialsProperties) {
AlibabaCloudCredentialsProvider credentialsProvider;
String credentialsType = credentialsProperties.getSourceProperties().getProperty(CacheClientConstant.ENV_CREDENTIALS_TYPE_KEY);
String accessKeyId = credentialsProperties.getSourceProperties().getProperty(CacheClientConstant.ENV_CREDENTIALS_ACCESS_KEY_ID_KEY);
String accessSecret = credentialsProperties.getSourceProperties().getProperty(CacheClientConstant.ENV_CREDENTIALS_ACCESS_SECRET_KEY);
if (!StringUtils.isEmpty(credentialsType)) {
switch (credentialsType) {
case "ak":
checkConfigParamNull(accessKeyId, CacheClientConstant.ENV_CREDENTIALS_ACCESS_KEY_ID_KEY);
checkConfigParamNull(accessSecret, CacheClientConstant.ENV_CREDENTIALS_ACCESS_SECRET_KEY);
credentialsProvider = CredentialsProviderUtils.withAccessKey(accessKeyId, accessSecret);
break;
case "token":
String credentialsAccessTokenId = credentialsProperties.getSourceProperties().getProperty(CacheClientConstant.ENV_CREDENTIALS_ACCESS_TOKEN_ID_KEY);
String credentialsAccessToken = credentialsProperties.getSourceProperties().getProperty(CacheClientConstant.ENV_CREDENTIALS_ACCESS_TOKEN_KEY);
checkConfigParamNull(credentialsAccessTokenId, CacheClientConstant.ENV_CREDENTIALS_ACCESS_TOKEN_ID_KEY);
checkConfigParamNull(credentialsAccessToken, CacheClientConstant.ENV_CREDENTIALS_ACCESS_TOKEN_KEY);
credentialsProvider = CredentialsProviderUtils.withToken(credentialsAccessTokenId, credentialsAccessToken);
break;
case "sts":
case "ram_role":
checkConfigParamNull(accessKeyId, CacheClientConstant.ENV_CREDENTIALS_ACCESS_KEY_ID_KEY);
checkConfigParamNull(accessSecret, CacheClientConstant.ENV_CREDENTIALS_ACCESS_SECRET_KEY);
String roleSessionName = credentialsProperties.getSourceProperties().getProperty(CacheClientConstant.ENV_CREDENTIALS_ROLE_SESSION_NAME_KEY);
String roleArn = credentialsProperties.getSourceProperties().getProperty(CacheClientConstant.ENV_CREDENTIALS_ROLE_ARN_KEY);
String policy = credentialsProperties.getSourceProperties().getProperty(CacheClientConstant.ENV_CREDENTIALS_POLICY_KEY);
checkConfigParamNull(roleSessionName, CacheClientConstant.ENV_CREDENTIALS_ROLE_SESSION_NAME_KEY);
checkConfigParamNull(roleArn, CacheClientConstant.ENV_CREDENTIALS_ROLE_ARN_KEY);
credentialsProvider = CredentialsProviderUtils.withRamRoleArnOrSts(accessKeyId, accessSecret, credentialsProperties.getRegionInfoList().get(0).getRegionId(), roleSessionName, roleArn, policy);
break;
case "ecs_ram_role":
String roleName = credentialsProperties.getSourceProperties().getProperty(CacheClientConstant.ENV_CREDENTIALS_ROLE_NAME_KEY);
checkConfigParamNull(roleName, CacheClientConstant.ENV_CREDENTIALS_ROLE_NAME_KEY);
credentialsProvider = CredentialsProviderUtils.withEcsRamRole(roleName);
break;
case "client_key":
String password = ClientKeyUtils.getPassword(credentialsProperties.getSourceProperties(), CacheClientConstant.ENV_CLIENT_KEY_PASSWORD_FROM_ENV_VARIABLE_NAME, CacheClientConstant.ENV_CLIENT_KEY_PASSWORD_FROM_FILE_PATH_NAME);
String privateKeyPath = credentialsProperties.getSourceProperties().getProperty(CacheClientConstant.ENV_CLIENT_KEY_PRIVATE_KEY_PATH_NAME_KEY);
checkConfigParamNull(privateKeyPath, CacheClientConstant.ENV_CLIENT_KEY_PRIVATE_KEY_PATH_NAME_KEY);
credentialsProvider = CredentialsProviderUtils.getCredentialsProvider(privateKeyPath, password);
break;
default:
throw new IllegalArgumentException(String.format("credentials config param[%s] is illegal", CacheClientConstant.ENV_CREDENTIALS_TYPE_KEY));
}
credentialsProperties.setProvider(credentialsProvider);
}
}