private RefreshResult GetNewSessionCredentials()

in aliyun-net-credentials/Provider/RamRoleArnCredentialProvider.cs [294:354]


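        /// <summary>
        /// Calls the STS <c>AssumeRole</c> action, signed with the credentials returned by the
        /// inner provider, and converts the response into a new set of role session credentials.
        /// </summary>
        /// <param name="client">Connection client used to send the signed request.</param>
        /// <returns>
        /// A refresh result holding the new credential model and the stale time computed by
        /// <c>GetStaleTime</c> from the expiration reported in the response.
        /// </returns>
        /// <exception cref="CredentialException">
        /// Thrown when the response body is empty, or when it has no usable <c>Credentials</c>
        /// object. In the second case the serialized response is used as the message.
        /// </exception>
        private RefreshResult<CredentialModel> GetNewSessionCredentials(IConnClient client)
        {
            HttpRequest httpRequest = new HttpRequest();
            httpRequest.SetCommonUrlParameters();
            httpRequest.AddUrlParameter("Action", "AssumeRole");
            httpRequest.AddUrlParameter("Format", "JSON");
            httpRequest.AddUrlParameter("Version", "2015-04-01");
            httpRequest.AddUrlParameter("DurationSeconds", durationSeconds.ToString());
            httpRequest.AddUrlParameter("RoleArn", this.roleArn);

            // The role is assumed on behalf of whatever identity the inner provider yields.
            // presumably ValidateNotNull throws when the value is null; verify against ParameterHelper.
            CredentialModel previousCredentials = CredentialsProvider.GetCredentials();
            ParameterHelper.ValidateNotNull(previousCredentials, "OriginalCredentials", "Unable to load original credentials from the providers in RAM role arn.");
            httpRequest.AddUrlParameter("AccessKeyId", previousCredentials.AccessKeyId);
            httpRequest.AddUrlParameter("SecurityToken", previousCredentials.SecurityToken);
            httpRequest.AddUrlParameter("RoleSessionName", this.roleSessionName);

            // Optional parameters are only sent when they were configured.
            if (policy != null)
            {
                httpRequest.AddUrlParameter("Policy", this.policy);
            }

            if (externalId != null)
            {
                httpRequest.AddUrlParameter("ExternalId", this.externalId);
            }

            // NOTE(review): the request is a GET, so AccessKeyId, SecurityToken and Signature are
            // all carried in the URL query string. Anything that records full request URLs
            // (proxy, access or debug logs) will capture them; keep such logging off this path.
            httpRequest.Method = MethodType.GET;
            httpRequest.ConnectTimeout = connectTimeout;
            httpRequest.ReadTimeout = readTimeout;

            // The signature covers every URL parameter added so far and is itself appended last.
            string strToSign = ParameterHelper.ComposeStringToSign(MethodType.GET, httpRequest.UrlParameters);
            string signature = ParameterHelper.SignString(strToSign, previousCredentials.AccessKeySecret + "&");
            httpRequest.AddUrlParameter("Signature", signature);
            httpRequest.Url = ParameterHelper.ComposeUrl(STSEndpoint, httpRequest.UrlParameters,
                "https");

            HttpResponse httpResponse = client.DoAction(httpRequest);
            Dictionary<string, object> map =
                JsonConvert.DeserializeObject<Dictionary<string, object>>(httpResponse.GetHttpContentString());

            // An empty body (or a literal JSON null) deserializes to null; report it as a
            // credential failure instead of failing with a NullReferenceException below.
            if (map == null)
            {
                throw new CredentialException("AssumeRole returned an empty or null response body.");
            }

            if (map.ContainsKey("Credentials"))
            {
                // Round-trip the nested object through JSON to get a string-to-string view of it.
                string credentialsJson = JsonConvert.SerializeObject(DictionaryUtil.Get(map, "Credentials"));
                Dictionary<string, string> credentials =
                    JsonConvert.DeserializeObject<Dictionary<string, string>>(credentialsJson);
                if (credentials == null)
                {
                    // Deliberately no response content in this message: keep secrets out of errors.
                    throw new CredentialException("AssumeRole response contained a null Credentials object.");
                }

                // 'T' and 'Z' are replaced by spaces before parsing, as in the original code.
                string expirationStr =
                    DictionaryUtil.Get(credentials, "Expiration").Replace('T', ' ').Replace('Z', ' ');

                // Parse with the invariant culture: the timestamp is machine-generated, and the
                // process culture (for example one with a non-Gregorian default calendar) must
                // not change the credential lifetime that is computed from it.
                var dt = Convert.ToDateTime(expirationStr, System.Globalization.CultureInfo.InvariantCulture);
                long expiration = dt.GetTimeMillis();
                CredentialModel credentialModel = new CredentialModel
                {
                    AccessKeyId = DictionaryUtil.Get(credentials, "AccessKeyId"),
                    AccessKeySecret = DictionaryUtil.Get(credentials, "AccessKeySecret"),
                    SecurityToken = DictionaryUtil.Get(credentials, "SecurityToken"),
                    Expiration = expiration,
                    Type = AuthConstant.RamRoleArn,
                    // Provider chain name: "<this provider>/<provider of the source credentials>".
                    ProviderName = string.Format("{0}/{1}", this.GetProviderName(),
                        string.IsNullOrEmpty(previousCredentials.ProviderName)
                            ? CredentialsProvider.GetProviderName()
                            : previousCredentials.ProviderName)
                };
                return new RefreshResult<CredentialModel>(credentialModel, GetStaleTime(expiration));
            }

            // Only reached when the response has no "Credentials" key; the whole response is
            // serialized into the exception message so the service error is visible to the caller.
            throw new CredentialException(JsonConvert.SerializeObject(map));
        }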