private static AWSCredentialsProvider getCredentialsProvider()

in amazon-kinesis-connector-flink/src/main/java/software/amazon/kinesis/connectors/flink/util/AWSUtil.java [160:219]

• 50 lines of code
• 9 McCabe index (conditional complexity)

	private static AWSCredentialsProvider getCredentialsProvider(final Properties configProps, final String configPrefix) {
		CredentialProvider credentialProviderType = getCredentialProviderType(configProps, configPrefix);

		switch (credentialProviderType) {
			case ENV_VAR:
				return new EnvironmentVariableCredentialsProvider();

			case SYS_PROP:
				return new SystemPropertiesCredentialsProvider();

			case PROFILE:
				String profileName = configProps.getProperty(
						AWSConfigConstants.profileName(configPrefix), null);
				String profileConfigPath = configProps.getProperty(
						AWSConfigConstants.profilePath(configPrefix), null);
				return (profileConfigPath == null)
					? new ProfileCredentialsProvider(profileName)
					: new ProfileCredentialsProvider(profileConfigPath, profileName);

			case BASIC:
				return new AWSCredentialsProvider() {
					@Override
					public AWSCredentials getCredentials() {
						return new BasicAWSCredentials(
							configProps.getProperty(AWSConfigConstants.accessKeyId(configPrefix)),
							configProps.getProperty(AWSConfigConstants.secretKey(configPrefix)));
					}

					@Override
					public void refresh() {
						// do nothing
					}
				};

			case ASSUME_ROLE:
				final AWSSecurityTokenService baseCredentials = AWSSecurityTokenServiceClientBuilder.standard()
						.withCredentials(getCredentialsProvider(configProps, AWSConfigConstants.roleCredentialsProvider(configPrefix)))
						.withRegion(configProps.getProperty(AWSConfigConstants.AWS_REGION))
						.build();
				return new STSAssumeRoleSessionCredentialsProvider.Builder(
						configProps.getProperty(AWSConfigConstants.roleArn(configPrefix)),
						configProps.getProperty(AWSConfigConstants.roleSessionName(configPrefix)))
						.withExternalId(configProps.getProperty(AWSConfigConstants.externalId(configPrefix)))
						.withStsClient(baseCredentials)
						.build();

			case WEB_IDENTITY_TOKEN:
				return WebIdentityTokenCredentialsProvider.builder()
						.roleArn(configProps.getProperty(AWSConfigConstants.roleArn(configPrefix), null))
						.roleSessionName(configProps.getProperty(AWSConfigConstants.roleSessionName(configPrefix), null))
						.webIdentityTokenFile(configProps.getProperty(AWSConfigConstants.webIdentityTokenFile(configPrefix), null))
						.build();

			case AUTO:
				return new DefaultAWSCredentialsProviderChain();

			default:
				throw new IllegalArgumentException("Credential provider not supported: " + credentialProviderType);
		}
	}