in aliyun-net-credentials/Provider/CLIProfileCredentialsProvider.cs [150:227]
internal IAlibabaCloudCredentialsProvider ReloadCredentialsProvider(Config config, string profileName)
{
string currentProfileName = !string.IsNullOrEmpty(profileName) ? profileName : config.GetCurrent();
List<Profile> profiles = config.GetProfiles();
if (profiles != null && profiles.Count > 0)
{
foreach (var profile in profiles)
{
if (!string.IsNullOrEmpty(profile.GetName()) && profile.GetName().Equals(currentProfileName))
{
switch (profile.GetMode())
{
case "AK":
return new StaticAKCredentialsProvider.Builder()
.AccessKeyId(profile.GetAccessKeyId())
.AccessKeySecret(profile.GetAccessKeySecret())
.Build();
case "StsToken":
return new StaticSTSCredentialsProvider.Builder()
.AccessKeyId(profile.GetAccessKeyId())
.AccessKeySecret(profile.GetAccessKeySecret())
.SecurityToken(profile.GetSecurityToken())
.Build();
case "RamRoleArn":
CredentialModel credentialModel = new CredentialModel
{
AccessKeyId = ParameterHelper.ValidateNotEmpty(profile.GetAccessKeyId(), "AccessKeyId", "AccessKeyId must not be null or empty."),
AccessKeySecret = ParameterHelper.ValidateNotEmpty(profile.GetAccessKeySecret(), "AccessKeySecret", "AccessKeySecret must not be null or empty."),
Type = AuthConstant.AccessKey
};
IAlibabaCloudCredentialsProvider innerProvider = new StaticCredentialsProvider(credentialModel);
return new RamRoleArnCredentialProvider.Builder()
.CredentialsProvider(innerProvider)
.RoleArn(profile.GetRoleArn())
.DurationSeconds(profile.GetDurationSeconds())
.RoleSessionName(profile.GetRoleSessionName())
.StsRegionId(profile.GetStsRegionId())
.EnableVpc(profile.GetEnableVpc())
.Policy(profile.GetPolicy())
.ExternalId(profile.GetExternalId())
.Build();
case "EcsRamRole":
return new EcsRamRoleCredentialProvider.Builder().RoleName(profile.GetRamRoleName()).Build();
case "OIDC":
return new OIDCRoleArnCredentialProvider.Builder()
.DurationSeconds(profile.GetDurationSeconds())
.RoleArn(profile.GetRoleArn())
.RoleSessionName(profile.GetRoleSessionName())
.OIDCProviderArn(profile.GetOidcProviderArn())
.OIDCTokenFilePath(profile.GetOidcTokenFile())
.StsRegionId(profile.GetStsRegionId())
.Policy(profile.GetPolicy())
.EnableVpc(profile.GetEnableVpc())
.Build();
case "ChainableRamRoleArn":
if (profile.GetSourceProfile() == profile.GetName())
{
throw new CredentialException("Source profile name can not be the same as profile name.");
}
IAlibabaCloudCredentialsProvider previousProvider = ReloadCredentialsProvider(config, profile.GetSourceProfile());
return new RamRoleArnCredentialProvider.Builder()
.CredentialsProvider(previousProvider)
.RoleArn(profile.GetRoleArn())
.DurationSeconds(profile.GetDurationSeconds())
.RoleSessionName(profile.GetRoleSessionName())
.StsRegionId(profile.GetStsRegionId())
.EnableVpc(profile.GetEnableVpc())
.Policy(profile.GetPolicy())
.ExternalId(profile.GetExternalId())
.Build();
default:
throw new CredentialException(string.Format("Unsupported profile mode '{0}' form CLI credentials file.", profile.GetMode()));
}
}
}
}
throw new CredentialException(string.Format("Unable to get profile with '{0}' form CLI credentials file.", currentProfileName));
}