private AWSCredentialsProvider createCustomCredentialsProvider()

in jdbc/src/main/java/software/amazon/timestream/jdbc/TimestreamConnection.java [791:876]


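  /**
   * Selects the AWS credentials provider described by the connection properties.
   *
   * <p>Sources are checked in a fixed order and the first one that is configured wins:
   * <ol>
   *   <li>a SAML identity provider named by {@code IDP_NAME} (Okta or Azure AD);</li>
   *   <li>a provider class named by {@code AWS_CREDENTIALS_PROVIDER_CLASS};</li>
   *   <li>static keys from {@code ACCESS_KEY_ID} and {@code SECRET_ACCESS_KEY}, with an
   *       optional {@code SESSION_TOKEN};</li>
   *   <li>otherwise the {@link DefaultAWSCredentialsProviderChain}.</li>
   * </ol>
   * Lower-priority properties are ignored once a higher-priority source is chosen.
   *
   * @param info       connection properties; a missing key is treated as an empty string.
   * @param httpClient HTTP client handed to the SAML credentials providers.
   * @return the credentials provider for this connection, never the static keys themselves.
   * @throws SQLException if the identity provider or provider class name is not supported, or
   *                      if the properties-file provider is requested without a file path.
   */
  private AWSCredentialsProvider createCustomCredentialsProvider(final Properties info, CloseableHttpClient httpClient)
      throws SQLException {
    final String idpName = info
        .getOrDefault(TimestreamConnectionProperty.IDP_NAME.getConnectionProperty(), "")
        .toString();

    // If specified, use the SAML based credentials provider.
    if (!idpName.isEmpty()) {
      // Locale.ROOT keeps the match independent of the JVM default locale; with a Turkish
      // default locale, toLowerCase() maps 'I' to a dotless 'ı' and a valid name is rejected.
      switch (idpName.toLowerCase(java.util.Locale.ROOT)) {
        case Constants.OKTA_IDP_NAME: {
          final Map<String, String> oktaFieldsMap = extractRequiredProperties(
            info,
            TimestreamConnectionProperty.OKTA_PROPERTY_SET);
          return createOktaCredentialsProvider(httpClient, oktaFieldsMap).createCredentialsProvider();
        }

        case Constants.AAD_IDP_NAME: {
          final Map<String, String> azureADFieldsMap = extractRequiredProperties(info,
            TimestreamConnectionProperty.AAD_PROPERTY_SET);
          return createAzureADCredentialsProvider(httpClient, azureADFieldsMap)
            .createCredentialsProvider();
        }

        default: {
          // Fail closed: an unrecognised IdP name must not fall through to another source.
          throw Error
              .createSQLException(LOGGER, Error.UNSUPPORTED_SAML_CREDENTIALS_PROVIDER, idpName);
        }
      }
    }

    final String awsCredentialsProviderClassName = info
        .getOrDefault(TimestreamConnectionProperty.AWS_CREDENTIALS_PROVIDER_CLASS.getConnectionProperty(), "")
        .toString();

    // If specified, use the AWSCredentialsProvider.
    if (!awsCredentialsProviderClassName.isEmpty()) {
      // The name is matched against a fixed allow-list and never used to load a class.
      switch (awsCredentialsProviderClassName.toLowerCase(java.util.Locale.ROOT)) {
        case Constants.PROPERTIES_FILE_CREDENTIALS_PROVIDER_CLASSNAME: {
          LOGGER.info("Creating a PropertiesFileCredentialsProvider.");
          final String customCredentialsFilePath = info
            .getOrDefault(
              TimestreamConnectionProperty.CUSTOM_CREDENTIALS_FILE_PATH.getConnectionProperty(),
              "")
            .toString();
          if (customCredentialsFilePath.isEmpty()) {
            throw Error
              .createSQLException(LOGGER, Error.INVALID_CREDENTIALS_FILE_PATH);
          }

          // NOTE(review): the path is passed on exactly as given in the connection properties.
          // An application that builds those properties from input it does not control should
          // restrict this value itself; no check is made here.
          return new PropertiesFileCredentialsProvider(customCredentialsFilePath);
        }

        case Constants.INSTANCE_PROFILE_CREDENTIALS_PROVIDER_CLASSNAME: {
          LOGGER.info("Creating an InstanceProfileCredentialsProvider.");
          // NOTE(review): false presumably disables asynchronous credential refresh - confirm
          // against the AWS SDK version in use.
          return new InstanceProfileCredentialsProvider(false);
        }

        default: {
          throw Error.createSQLException(LOGGER, Error.UNSUPPORTED_AWS_CREDENTIALS_PROVIDER,
              awsCredentialsProviderClassName);
        }
      }
    }

    final String accessKey = info
        .getOrDefault(TimestreamConnectionProperty.ACCESS_KEY_ID.getConnectionProperty(), "").toString();
    final String secretKey = info
        .getOrDefault(TimestreamConnectionProperty.SECRET_ACCESS_KEY.getConnectionProperty(), "").toString();

    if (!accessKey.isEmpty() && !secretKey.isEmpty()) {
      final String sessionToken = info
          .getOrDefault(TimestreamConnectionProperty.SESSION_TOKEN.getConnectionProperty(), "").toString();
      // A session token marks temporary credentials; without one the key pair is long-lived.
      final AWSCredentials credentials;
      if (sessionToken.isEmpty()) {
        credentials = new BasicAWSCredentials(accessKey, secretKey);
      } else {
        credentials = new BasicSessionCredentials(accessKey, secretKey, sessionToken);
      }

      LOGGER.info("Creating an AWSStaticCredentialsProvider.");
      return new AWSStaticCredentialsProvider(credentials);
    }

    // Half a key pair is unusable, and the connection would otherwise authenticate silently
    // as whatever identity the default chain resolves. Say so, without logging either value.
    if (accessKey.isEmpty() != secretKey.isEmpty()) {
      LOGGER.info(
          "Only one of the access key ID and secret access key was provided; it is ignored.");
    }

    LOGGER.info(
        "No custom credentials provider is created. Returning the DefaultAWSCredentialsProviderChain.");
    return DefaultAWSCredentialsProviderChain.getInstance();
  }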