Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat ecs ram role #344

Closed
wants to merge 3 commits into from
Closed

Feat ecs ram role #344

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
87219d0
feat:ram role
baerwang Sep 18, 2022
59d334c
style:optimization
baerwang Sep 18, 2022
80abd10
use ecs endpoint get token
baerwang Sep 20, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 47 additions & 0 deletions oss/client.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,9 @@ package oss

import (
"bytes"
"encoding/json"
"encoding/xml"
"errors"
"fmt"
"io"
"io/ioutil"
Expand Down Expand Up @@ -78,6 +80,51 @@ func New(endpoint, accessKeyID, accessKeySecret string, options ...ClientOption)
return client, err
}

// NewRamRole creates a new client. Dynamic identity management and authorization for cloud applications
// docs https://help.aliyun.com/document_detail/93746.html
func NewRamRole(endpoint, ecsEndpoint, roleName string, options ...ClientOption) (*Client, error) {
url := &urlMaker{}
if err := url.Init(ecsEndpoint, false, false); err != nil {
return nil, err
}

client, err := New(endpoint, "", "", options...)
if err != nil {
return nil, err
}

toUrl := url.getURL("", "", "").String() + "/latest/meta-data/ram/security-credentials/" + roleName

get, err := client.Conn.client.Get(toUrl)
if err != nil {
return nil, err
}
defer get.Body.Close()

all, err := ioutil.ReadAll(get.Body)
if err != nil {
return nil, err
}

var ramRole RamRole
if err = json.Unmarshal(all, &ramRole); err != nil {
return nil, err
}

if ramRole.Code != "Success" {
return nil, errors.New("get ecs ram role code not is success")
}

if ramRole.AccessKeyId == "" || ramRole.AccessKeySecret == "" {
return nil, errors.New("get ecs ram role AccessKeyId AccessKeySecret is empty")
}
client.Config.AccessKeyID = ramRole.AccessKeyId
client.Config.AccessKeySecret = ramRole.AccessKeySecret
client.Config.SecurityToken = ramRole.SecurityToken

return client, err
}

// SetRegion set region for client
//
// region the region, such as cn-hangzhou
Expand Down
13 changes: 5 additions & 8 deletions oss/conn.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -794,12 +794,12 @@ func (um *urlMaker) Init(endpoint string, isCname bool, isProxy bool) error {

//use url.Parse() to get real host
strUrl := um.Scheme + "://" + um.NetLoc
url, err := url.Parse(strUrl)
parseUrl, err := url.Parse(strUrl)
if err != nil {
return err
}

um.NetLoc = url.Host
um.NetLoc = parseUrl.Host
host, _, err := net.SplitHostPort(um.NetLoc)
if err != nil {
host = um.NetLoc
Expand All @@ -808,8 +808,7 @@ func (um *urlMaker) Init(endpoint string, isCname bool, isProxy bool) error {
}
}

ip := net.ParseIP(host)
if ip != nil {
if ip := net.ParseIP(host); ip != nil {
um.Type = urlTypeIP
} else if isCname {
um.Type = urlTypeCname
Expand All @@ -824,10 +823,8 @@ func (um *urlMaker) Init(endpoint string, isCname bool, isProxy bool) error {
// getURL gets URL
func (um urlMaker) getURL(bucket, object, params string) *url.URL {
host, path := um.buildURL(bucket, object)
addr := ""
if params == "" {
addr = fmt.Sprintf("%s://%s%s", um.Scheme, host, path)
} else {
addr := fmt.Sprintf("%s://%s%s", um.Scheme, host, path)
if params != "" {
addr = fmt.Sprintf("%s://%s%s?%s", um.Scheme, host, path, params)
}
uri, _ := url.ParseRequestURI(addr)
Expand Down
8 changes: 4 additions & 4 deletions oss/option.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -566,7 +566,7 @@ func addArg(key string, value interface{}) Option {
}

func handleOptions(headers map[string]string, options []Option) error {
params := map[string]optionValue{}
params := make(map[string]optionValue, len(options))
for _, option := range options {
if option != nil {
if err := option(params); err != nil {
Expand All @@ -585,7 +585,7 @@ func handleOptions(headers map[string]string, options []Option) error {

func GetRawParams(options []Option) (map[string]interface{}, error) {
// Option
params := map[string]optionValue{}
params := make(map[string]optionValue, len(options))
for _, option := range options {
if option != nil {
if err := option(params); err != nil {
Expand All @@ -607,7 +607,7 @@ func GetRawParams(options []Option) (map[string]interface{}, error) {
}

func FindOption(options []Option, param string, defaultVal interface{}) (interface{}, error) {
params := map[string]optionValue{}
params := make(map[string]optionValue, len(options))
for _, option := range options {
if option != nil {
if err := option(params); err != nil {
Expand All @@ -623,7 +623,7 @@ func FindOption(options []Option, param string, defaultVal interface{}) (interfa
}

func IsOptionSet(options []Option, option string) (bool, interface{}, error) {
params := map[string]optionValue{}
params := make(map[string]optionValue, len(options))
for _, option := range options {
if option != nil {
if err := option(params); err != nil {
Expand Down
12 changes: 12 additions & 0 deletions oss/ram_role_type.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
package oss

import "time"

type RamRole struct {
AccessKeyId string `json:"AccessKeyId"`
AccessKeySecret string `json:"AccessKeySecret"`
SecurityToken string `json:"SecurityToken"`
Code string `json:"Code"`
Expiration time.Time `json:"Expiration"`
LastUpdated time.Time `json:"LastUpdated"`
}