init commit
This commit is contained in:
@@ -0,0 +1,199 @@
|
||||
<?php
|
||||
|
||||
namespace AlibabaCloud\Credentials;
|
||||
|
||||
use AlibabaCloud\Credentials\Providers\EcsRamRoleCredentialsProvider;
|
||||
use AlibabaCloud\Credentials\Credential\CredentialModel;
|
||||
use AlibabaCloud\Credentials\Signature\ShaHmac1Signature;
|
||||
use AlibabaCloud\Credentials\Request\Request;
|
||||
use AlibabaCloud\Credentials\Utils\Filter;
|
||||
use Exception;
|
||||
use GuzzleHttp\Exception\GuzzleException;
|
||||
use InvalidArgumentException;
|
||||
use RuntimeException;
|
||||
|
||||
/**
|
||||
* @deprecated
|
||||
* Use the RAM role of an ECS instance to complete the authentication.
|
||||
*/
|
||||
class EcsRamRoleCredential implements CredentialsInterface
|
||||
{
|
||||
|
||||
/**
|
||||
* @var string
|
||||
*/
|
||||
private $roleName;
|
||||
|
||||
/**
|
||||
* @var boolean
|
||||
*/
|
||||
private $disableIMDSv1;
|
||||
|
||||
/**
|
||||
* @var int
|
||||
*/
|
||||
private $metadataTokenDuration;
|
||||
|
||||
|
||||
/**
|
||||
* EcsRamRoleCredential constructor.
|
||||
*
|
||||
* @param $role_name
|
||||
*/
|
||||
public function __construct($role_name = null, $disable_imdsv1 = false, $metadata_token_duration = 21600)
|
||||
{
|
||||
Filter::roleName($role_name);
|
||||
|
||||
$this->roleName = $role_name;
|
||||
|
||||
Filter::disableIMDSv1($disable_imdsv1);
|
||||
|
||||
$this->disableIMDSv1 = $disable_imdsv1;
|
||||
|
||||
$this->metadataTokenDuration = $metadata_token_duration;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string
|
||||
* @throws GuzzleException
|
||||
* @throws Exception
|
||||
*/
|
||||
public function getRoleName()
|
||||
{
|
||||
if ($this->roleName !== null) {
|
||||
return $this->roleName;
|
||||
}
|
||||
|
||||
$this->roleName = $this->getRoleNameFromMeta();
|
||||
|
||||
return $this->roleName;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string
|
||||
* @throws Exception
|
||||
*/
|
||||
public function getRoleNameFromMeta()
|
||||
{
|
||||
$options = [
|
||||
'http_errors' => false,
|
||||
'timeout' => 1,
|
||||
'connect_timeout' => 1,
|
||||
];
|
||||
|
||||
$result = Request::createClient()->request(
|
||||
'GET',
|
||||
'http://100.100.100.200/latest/meta-data/ram/security-credentials/',
|
||||
$options
|
||||
);
|
||||
|
||||
if ($result->getStatusCode() === 404) {
|
||||
throw new InvalidArgumentException('The role name was not found in the instance');
|
||||
}
|
||||
|
||||
if ($result->getStatusCode() !== 200) {
|
||||
throw new RuntimeException('Error retrieving credentials from result: ' . $result->getBody());
|
||||
}
|
||||
|
||||
$role_name = (string) $result;
|
||||
if (!$role_name) {
|
||||
throw new RuntimeException('Error retrieving credentials from result is empty');
|
||||
}
|
||||
|
||||
return $role_name;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string
|
||||
*/
|
||||
public function __toString()
|
||||
{
|
||||
return "roleName#$this->roleName";
|
||||
}
|
||||
|
||||
/**
|
||||
* @return ShaHmac1Signature
|
||||
*/
|
||||
public function getSignature()
|
||||
{
|
||||
return new ShaHmac1Signature();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string
|
||||
* @throws Exception
|
||||
* @throws GuzzleException
|
||||
*/
|
||||
public function getAccessKeyId()
|
||||
{
|
||||
return $this->getSessionCredential()->getAccessKeyId();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return AlibabaCloud\Credentials\Providers\Credentials
|
||||
* @throws Exception
|
||||
* @throws GuzzleException
|
||||
*/
|
||||
protected function getSessionCredential()
|
||||
{
|
||||
$params = [
|
||||
"roleName" => $this->roleName,
|
||||
'disableIMDSv1' => $this->disableIMDSv1,
|
||||
'metadataTokenDuration' => $this->metadataTokenDuration,
|
||||
];
|
||||
return (new EcsRamRoleCredentialsProvider($params))->getCredentials();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string
|
||||
* @throws Exception
|
||||
* @throws GuzzleException
|
||||
*/
|
||||
public function getAccessKeySecret()
|
||||
{
|
||||
return $this->getSessionCredential()->getAccessKeySecret();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string
|
||||
* @throws Exception
|
||||
* @throws GuzzleException
|
||||
*/
|
||||
public function getSecurityToken()
|
||||
{
|
||||
return $this->getSessionCredential()->getSecurityToken();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return int
|
||||
* @throws Exception
|
||||
* @throws GuzzleException
|
||||
*/
|
||||
public function getExpiration()
|
||||
{
|
||||
return $this->getSessionCredential()->getExpiration();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return bool
|
||||
*/
|
||||
public function isDisableIMDSv1()
|
||||
{
|
||||
return $this->disableIMDSv1;
|
||||
}
|
||||
|
||||
/**
|
||||
* @inheritDoc
|
||||
*/
|
||||
public function getCredential()
|
||||
{
|
||||
$credentials = $this->getSessionCredential();
|
||||
return new CredentialModel([
|
||||
'accessKeyId' => $credentials->getAccessKeyId(),
|
||||
'accessKeySecret' => $credentials->getAccessKeySecret(),
|
||||
'securityToken' => $credentials->getSecurityToken(),
|
||||
'type' => 'ecs_ram_role',
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user