wangmingchuan
/
zhishifufei_php
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
4 Branches
0 Tags
98 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 46bcb45d91
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '46bcb45d91'
${ noResults }
zhishifufei_php/vendor/alibabacloud/credentials/src/RamRoleArnCredential.php

218 lines
4.7 KiB
Raw Blame History

<?php
namespace AlibabaCloud\Credentials;
use AlibabaCloud\Credentials\Providers\RamRoleArnProvider;
use AlibabaCloud\Credentials\Signature\ShaHmac1Signature;
use Exception;
use GuzzleHttp\Exception\GuzzleException;
use InvalidArgumentException;
/**
* Use the AssumeRole of the RAM account to complete the authentication.
*/
class RamRoleArnCredential implements CredentialsInterface
{
/**
* @var string
*/
private $accessKeyId;
/**
* @var string
*/
private $accessKeySecret;
/**
* @var string
*/
private $roleArn;
/**
* @var string
*/
private $roleSessionName;
/**
* @var string
*/
private $policy;
/**
* @var array
*/
private $config;
/**
* RamRoleArnCredential constructor.
*
* @param array $credential
* @param array $config
*/
public function __construct(array $credential = [], array $config = [])
{
$this->filterParameters($credential);
$this->filterPolicy($credential);
Filter::accessKey($credential['access_key_id'], $credential['access_key_secret']);
$this->config = $config;
$this->accessKeyId = $credential['access_key_id'];
$this->accessKeySecret = $credential['access_key_secret'];
$this->roleArn = $credential['role_arn'];
$this->roleSessionName = $credential['role_session_name'];
}
/**
* @param array $credential
*/
private function filterParameters(array $credential)
{
if (!isset($credential['access_key_id'])) {
throw new InvalidArgumentException('Missing required access_key_id option in config for ram_role_arn');
}
if (!isset($credential['access_key_secret'])) {
throw new InvalidArgumentException('Missing required access_key_secret option in config for ram_role_arn');
}
if (!isset($credential['role_arn'])) {
throw new InvalidArgumentException('Missing required role_arn option in config for ram_role_arn');
}
if (!isset($credential['role_session_name'])) {
throw new InvalidArgumentException('Missing required role_session_name option in config for ram_role_arn');
}
}
/**
* @param array $credential
*/
private function filterPolicy(array $credential)
{
if (isset($credential['policy'])) {
if (is_string($credential['policy'])) {
$this->policy = $credential['policy'];
}
if (is_array($credential['policy'])) {
$this->policy = json_encode($credential['policy']);
}
}
}
/**
* @return array
*/
public function getConfig()
{
return $this->config;
}
/**
* @return string
*/
public function getRoleArn()
{
return $this->roleArn;
}
/**
* @return string
*/
public function getRoleSessionName()
{
return $this->roleSessionName;
}
/**
* @return string
*/
public function getPolicy()
{
return $this->policy;
}
/**
* @return string
*/
public function __toString()
{
return "$this->accessKeyId#$this->accessKeySecret#$this->roleArn#$this->roleSessionName";
}
/**
* @return ShaHmac1Signature
*/
public function getSignature()
{
return new ShaHmac1Signature();
}
/**
* @return string
*/
public function getOriginalAccessKeyId()
{
return $this->accessKeyId;
}
/**
* @return string
*/
public function getOriginalAccessKeySecret()
{
return $this->accessKeySecret;
}
/**
* @return string
* @throws Exception
* @throws GuzzleException
*/
public function getAccessKeyId()
{
return $this->getSessionCredential()->getAccessKeyId();
}
/**
* @return StsCredential
* @throws Exception
* @throws GuzzleException
*/
protected function getSessionCredential()
{
return (new RamRoleArnProvider($this))->get();
}
/**
* @return string
* @throws Exception
* @throws GuzzleException
*/
public function getAccessKeySecret()
{
return $this->getSessionCredential()->getAccessKeySecret();
}
/**
* @return string
* @throws Exception
* @throws GuzzleException
*/
public function getSecurityToken()
{
return $this->getSessionCredential()->getSecurityToken();
}
/**
* @return string
* @throws Exception
* @throws GuzzleException
*/
public function getExpiration()
{
return $this->getSessionCredential()->getExpiration();
}
}