in src/aws-cpp-sdk-core/source/internal/AWSHttpResourceClient.cpp [519:604]
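// Exchanges a web identity token for temporary credentials by POSTing an
// AssumeRoleWithWebIdentity query to m_endpoint and parsing the XML reply.
//
// request: supplies roleSessionName, roleArn and webIdentityToken; each is URL-encoded
//          into the form body.
// Returns: a result whose creds carry the access key id, secret key, session token,
//          expiration and account id found in the reply. Any field missing from the reply
//          is left at its default, and an empty or unparsable reply yields a
//          default-constructed result, so callers must check the credentials before use.
//
// Both the request body (web identity token) and the response payload (secret access key,
// session token) are secrets: nothing in this function logs either of them, and any
// diagnostics added later should keep it that way.
STSCredentialsClient::STSAssumeRoleWithWebIdentityResult STSCredentialsClient::GetAssumeRoleWithWebIdentityCredentials(const STSAssumeRoleWithWebIdentityRequest& request)
{
    //Calculate query string
    Aws::StringStream ss;
    ss << "Action=AssumeRoleWithWebIdentity"
        << "&Version=2011-06-15"
        << "&RoleSessionName=" << Aws::Utils::StringUtils::URLEncode(request.roleSessionName.c_str())
        << "&RoleArn=" << Aws::Utils::StringUtils::URLEncode(request.roleArn.c_str())
        << "&WebIdentityToken=" << Aws::Utils::StringUtils::URLEncode(request.webIdentityToken.c_str());

    std::shared_ptr<HttpRequest> httpRequest(CreateHttpRequest(m_endpoint, HttpMethod::HTTP_POST,
                Aws::Utils::Stream::DefaultResponseStreamFactoryMethod));

    httpRequest->SetUserAgent(m_userAgent);

    // Use the tag constant as the allocation tag; the original passed its name as a string literal.
    std::shared_ptr<Aws::IOStream> body = Aws::MakeShared<Aws::StringStream>(STS_RESOURCE_CLIENT_LOG_TAG);
    *body << ss.str();

    httpRequest->AddContentBody(body);

    // Measure the body by seeking to the end, then rewind so the transport reads it from the start.
    body->seekg(0, body->end);
    auto streamSize = body->tellg();
    body->seekg(0, body->beg);
    Aws::StringStream contentLength;
    contentLength << streamSize;
    httpRequest->SetContentLength(contentLength.str());
    httpRequest->SetContentType("application/x-www-form-urlencoded");

    // NOTE(review): only the payload is inspected here; the HTTP status is presumably handled
    // inside GetResourceWithAWSWebServiceResult - confirm against that helper.
    Aws::String credentialsStr = GetResourceWithAWSWebServiceResult(httpRequest).GetPayload();

    //Parse credentials
    STSAssumeRoleWithWebIdentityResult result;
    if (credentialsStr.empty())
    {
        AWS_LOGSTREAM_WARN(STS_RESOURCE_CLIENT_LOG_TAG, "Get an empty credential from sts");
        return result;
    }

    const Utils::Xml::XmlDocument xmlDocument = XmlDocument::CreateFromXmlString(credentialsStr);
    if (!xmlDocument.WasParseSuccessful())
    {
        // Do not build credentials from a reply that failed to parse. The payload and the
        // parser's error text are deliberately not logged because they may contain secret material.
        AWS_LOGSTREAM_WARN(STS_RESOURCE_CLIENT_LOG_TAG, "Failed to parse the sts response as XML");
        return result;
    }

    XmlNode rootNode = xmlDocument.GetRootElement();
    XmlNode resultNode = rootNode;
    // The result element may be the root itself or a direct child of the root (response wrapper).
    if (!rootNode.IsNull() && (rootNode.GetName() != "AssumeRoleWithWebIdentityResult"))
    {
        resultNode = rootNode.FirstChild("AssumeRoleWithWebIdentityResult");
    }

    if (!resultNode.IsNull())
    {
        XmlNode credentialsNode = resultNode.FirstChild("Credentials");
        if (!credentialsNode.IsNull())
        {
            XmlNode accessKeyIdNode = credentialsNode.FirstChild("AccessKeyId");
            if (!accessKeyIdNode.IsNull())
            {
                result.creds.SetAWSAccessKeyId(accessKeyIdNode.GetText());
            }

            XmlNode secretAccessKeyNode = credentialsNode.FirstChild("SecretAccessKey");
            if (!secretAccessKeyNode.IsNull())
            {
                result.creds.SetAWSSecretKey(secretAccessKeyNode.GetText());
            }

            XmlNode sessionTokenNode = credentialsNode.FirstChild("SessionToken");
            if (!sessionTokenNode.IsNull())
            {
                result.creds.SetSessionToken(sessionTokenNode.GetText());
            }

            XmlNode expirationNode = credentialsNode.FirstChild("Expiration");
            if (!expirationNode.IsNull())
            {
                result.creds.SetExpiration(DateTime(StringUtils::Trim(expirationNode.GetText().c_str()).c_str(), DateFormat::ISO_8601));
            }

            // In the STS reply AssumedRoleUser is a sibling of Credentials under the result
            // element, not a child of Credentials, so the original lookup never matched and the
            // account id stayed unset. Look under the result element first and keep the old
            // location as a fallback.
            XmlNode assumeRoleUser = resultNode.FirstChild("AssumedRoleUser");
            if (assumeRoleUser.IsNull())
            {
                assumeRoleUser = credentialsNode.FirstChild("AssumedRoleUser");
            }
            if (!assumeRoleUser.IsNull())
            {
                XmlNode roleArn = assumeRoleUser.FirstChild("Arn");
                if (!roleArn.IsNull())
                {
                    result.creds.SetAccountId(ARN{roleArn.GetText()}.GetAccountId());
                }
            }
        }
    }
    return result;
}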