in src/main/java/com/awslabs/resultsiterator/implementations/BouncyCastleCertificateCredentialsProvider.java [138:169]
protected AwsCredentials resolveCredentials(ImmutableCredentialProviderUrl credentialProviderUrl,
ImmutableThingName thingName,
ImmutableRoleAlias roleAlias,
ImmutableCaCertFilename caCertFilename,
ImmutableClientCertFilename clientCertFilename,
ImmutableClientPrivateKeyFilename clientPrivateKeyFilename,
ImmutablePassword password) {
HttpClient httpClient = getHttpClient(caCertFilename, clientCertFilename, clientPrivateKeyFilename, password);
String credentialProviderFullUrl = String.join("",
"https://",
credentialProviderUrl.getCredentialProviderUrl(),
"/",
"role-aliases",
"/",
roleAlias.getName(),
"/",
"credentials");
URI credentialProviderUri = Try.of(() -> new URI(credentialProviderFullUrl)).get();
HttpGet httpGet = new HttpGet(credentialProviderUri);
httpGet.setHeader(X_AMZN_IOT_THINGNAME, thingName.getName());
IotCredentialsProviderCredentials iotCredentialsProviderCredentials = Try.of(() -> httpClient.execute(httpGet))
.map(HttpResponse::getEntity)
.mapTry(EntityUtils::toByteArray)
.map(responseBytes -> fromJson(IotCredentialsProviderCredentials.class, responseBytes))
.get();
return iotCredentialsProviderCredentials.getCredentials().toAwsSessionCredentials();
}