in src/main/java/com/aliyun/credentials/provider/ProfileCredentialsProvider.java [92:123]
private CredentialModel getSTSAssumeRoleSessionCredentials(Map<String, String> clientConfig,
CredentialsProviderFactory factory) {
String accessKeyId = clientConfig.get(AuthConstant.INI_ACCESS_KEY_ID);
String accessKeySecret = clientConfig.get(AuthConstant.INI_ACCESS_KEY_IDSECRET);
String roleSessionName = clientConfig.get(AuthConstant.INI_ROLE_SESSION_NAME);
String roleArn = clientConfig.get(AuthConstant.INI_ROLE_ARN);
String regionId = clientConfig.get(AuthConstant.DEFAULT_REGION);
String policy = clientConfig.get(AuthConstant.INI_POLICY);
if (StringUtils.isEmpty(accessKeyId) || StringUtils.isEmpty(accessKeySecret)) {
throw new CredentialException("The configured access_key_id or access_key_secret is empty.");
}
if (StringUtils.isEmpty(roleSessionName) || StringUtils.isEmpty(roleArn)) {
throw new CredentialException("The configured role_session_name or role_arn is empty.");
}
RamRoleArnCredentialProvider provider = factory.createCredentialsProvider(
RamRoleArnCredentialProvider.builder()
.accessKeyId(accessKeyId)
.accessKeySecret(accessKeySecret)
.roleArn(roleArn)
.roleSessionName(roleSessionName)
.regionId(regionId)
.policy(policy)
.build());
CredentialModel credential = provider.getCredentials();
return CredentialModel.builder()
.accessKeyId(credential.getAccessKeyId())
.accessKeySecret(credential.getAccessKeySecret())
.securityToken(credential.getSecurityToken())
.type(credential.getType())
.providerName(String.format("%s/%s", this.getProviderName(), credential.getProviderName()))
.build();
}