in aliyun-net-credentials/Provider/ProfileCredentialsProvider.cs [315:351]
public async Task<CredentialModel> GetSTSOIDCRoleSessionCredentialsAsync(Dictionary<string, string> clientConfig)
{
string roleSessionName = DictionaryUtil.Get(clientConfig, AuthConstant.IniRoleSessionName);
string roleArn = DictionaryUtil.Get(clientConfig, AuthConstant.IniRoleArn);
string OIDCProviderArn = DictionaryUtil.Get(clientConfig, AuthConstant.IniOIDCProviderArn);
string OIDCTokenFilePath = DictionaryUtil.Get(clientConfig, AuthConstant.IniOIDCTokenFilePath);
string regionId = DictionaryUtil.Get(clientConfig, AuthConstant.DefaultRegion);
string policy = DictionaryUtil.Get(clientConfig, AuthConstant.IniPolicy);
string stsRegionId = DictionaryUtil.Get(clientConfig, AuthConstant.iniStsRegionId);
string enable = DictionaryUtil.Get(clientConfig, AuthConstant.IniEnable);
bool? enableVpc = enable == null ? (bool?)null
: enable.ToLower() == "true" ? true
: enable.ToLower() == "false" ? false
: (bool?)null;
if (string.IsNullOrWhiteSpace(roleArn))
{
throw new CredentialException("The configured role_arn is empty");
}
if (string.IsNullOrWhiteSpace(OIDCProviderArn))
{
throw new CredentialException("The configured oidc_provider_arn is empty");
}
OIDCRoleArnCredentialProvider provider = new OIDCRoleArnCredentialProvider.Builder()
.RoleArn(roleArn)
.OIDCProviderArn(OIDCProviderArn)
.OIDCTokenFilePath(OIDCTokenFilePath)
.RoleSessionName(roleSessionName)
.RegionId(regionId)
.Policy(policy)
.StsRegionId(stsRegionId)
.EnableVpc(enableVpc)
.Build();
return await provider.GetCredentialsAsync();
}