in src/main/java/com/aliyun/credentials/provider/CLIProfileCredentialsProvider.java [64:152]
AlibabaCloudCredentialsProvider reloadCredentialsProvider(Config config, String profileName) {
String currentProfileName = !StringUtils.isEmpty(profileName) ? profileName : config.getCurrent();
List<Profile> profiles = config.getProfiles();
if (profiles != null && !profiles.isEmpty()) {
for (Profile profile : profiles) {
if (!StringUtils.isEmpty(profile.getName()) && profile.getName().equals(currentProfileName)) {
switch (profile.getMode()) {
case "AK":
return StaticCredentialsProvider.builder()
.credential(CredentialModel.builder()
.accessKeyId(Validate.notNull(
profile.getAccessKeyId(), "AccessKeyId must not be null."))
.accessKeySecret(Validate.notNull(
profile.getAccessKeySecret(), "AccessKeySecret must not be null."))
.type(AuthConstant.ACCESS_KEY)
.providerName(ProviderName.STATIC_AK)
.build())
.build();
case "StsToken":
return StaticCredentialsProvider.builder()
.credential(CredentialModel.builder()
.accessKeyId(Validate.notNull(
profile.getAccessKeyId(), "AccessKeyId must not be null."))
.accessKeySecret(Validate.notNull(
profile.getAccessKeySecret(), "AccessKeySecret must not be null."))
.securityToken(Validate.notNull(
profile.getSecurityToken(), "SecurityToken must not be null."
))
.type(AuthConstant.STS)
.providerName(ProviderName.STATIC_STS)
.build())
.build();
case "RamRoleArn":
AlibabaCloudCredentialsProvider innerProvider = StaticCredentialsProvider.builder()
.credential(CredentialModel.builder()
.accessKeyId(Validate.notNull(
profile.getAccessKeyId(), "AccessKeyId must not be null."))
.accessKeySecret(Validate.notNull(
profile.getAccessKeySecret(), "AccessKeySecret must not be null."))
.type(AuthConstant.ACCESS_KEY)
.providerName(ProviderName.STATIC_AK)
.build())
.build();
;
return RamRoleArnCredentialProvider.builder()
.credentialsProvider(innerProvider)
.durationSeconds(profile.getDurationSeconds())
.roleArn(profile.getRoleArn())
.roleSessionName(profile.getRoleSessionName())
.stsRegionId(profile.getStsRegionId())
.enableVpc(profile.getEnableVpc())
.policy(profile.getPolicy())
.externalId(profile.getExternalId())
.build();
case "EcsRamRole":
return EcsRamRoleCredentialProvider.builder()
.roleName(profile.getRamRoleName())
.build();
case "OIDC":
return OIDCRoleArnCredentialProvider.builder()
.durationSeconds(profile.getDurationSeconds())
.roleArn(profile.getRoleArn())
.roleSessionName(profile.getRoleSessionName())
.oidcProviderArn(profile.getOidcProviderArn())
.oidcTokenFilePath(profile.getOidcTokenFile())
.stsRegionId(profile.getStsRegionId())
.enableVpc(profile.getEnableVpc())
.policy(profile.getPolicy())
.build();
case "ChainableRamRoleArn":
AlibabaCloudCredentialsProvider previousProvider = reloadCredentialsProvider(config, profile.getSourceProfile());
return RamRoleArnCredentialProvider.builder()
.credentialsProvider(previousProvider)
.durationSeconds(profile.getDurationSeconds())
.roleArn(profile.getRoleArn())
.roleSessionName(profile.getRoleSessionName())
.stsRegionId(profile.getStsRegionId())
.enableVpc(profile.getEnableVpc())
.policy(profile.getPolicy())
.externalId(profile.getExternalId())
.build();
default:
throw new CredentialException(String.format("Unsupported profile mode '%s' form CLI credentials file.", profile.getMode()));
}
}
}
}
throw new CredentialException(String.format("Unable to get profile with '%s' form CLI credentials file.", currentProfileName));
}