From c1a92218dd4b8e0a09640a7a0acff4f0850da671 Mon Sep 17 00:00:00 2001 From: Jackson Tian Date: Tue, 23 Jul 2024 18:07:11 +0800 Subject: [PATCH] refine ProfileCredentialsProvider --- .../java/com/aliyuncs/auth/AuthConstant.java | 1 + .../auth/ProfileCredentialsProvider.java | 159 ++++--- .../auth/ProfileCredentialsProviderTest.java | 449 +++++++++++------- 3 files changed, 377 insertions(+), 232 deletions(-) diff --git a/aliyun-java-sdk-core/src/main/java/com/aliyuncs/auth/AuthConstant.java b/aliyun-java-sdk-core/src/main/java/com/aliyuncs/auth/AuthConstant.java index 364929a543..1a6ecdbbbe 100644 --- a/aliyun-java-sdk-core/src/main/java/com/aliyuncs/auth/AuthConstant.java +++ b/aliyun-java-sdk-core/src/main/java/com/aliyuncs/auth/AuthConstant.java @@ -12,6 +12,7 @@ public class AuthConstant { public static final String INI_TYPE_RAM = "ecs_ram_role"; public static final String INI_TYPE_ARN = "ram_role_arn"; public static final String INI_TYPE_KEY_PAIR = "rsa_key_pair"; + public static final String INI_TYPE_ACESS_KEY = "access_key"; public static final String INI_PUBLIC_KEY_ID = "public_key_id"; public static final String INI_PRIVATE_KEY_FILE = "private_key_file"; public static final String INI_PRIVATE_KEY = "private_key"; diff --git a/aliyun-java-sdk-core/src/main/java/com/aliyuncs/auth/ProfileCredentialsProvider.java b/aliyun-java-sdk-core/src/main/java/com/aliyuncs/auth/ProfileCredentialsProvider.java index de0601efc7..8172323698 100644 --- a/aliyun-java-sdk-core/src/main/java/com/aliyuncs/auth/ProfileCredentialsProvider.java +++ b/aliyun-java-sdk-core/src/main/java/com/aliyuncs/auth/ProfileCredentialsProvider.java @@ -12,11 +12,13 @@ import java.util.Map; public class ProfileCredentialsProvider implements AlibabaCloudCredentialsProvider { - private static volatile Wini ini; + private final String filePath; + private volatile Wini ini; + private AlibabaCloudCredentialsProvider innerProvider; - private static Wini getIni(String filePath) throws IOException { + private Wini getIni(String filePath) throws IOException { if (null == ini) { - synchronized (ProfileCredentialsProvider.class) { + synchronized (this) { if (null == ini) { ini = new Wini(new File(filePath)); } @@ -25,31 +27,61 @@ private static Wini getIni(String filePath) throws IOException { return ini; } - @Override - public AlibabaCloudCredentials getCredentials() throws ClientException { - String filePath = AuthUtils.getEnvironmentCredentialsFile(); - if (filePath == null) { + // 本包可见 + ProfileCredentialsProvider(String filePath) { + if (StringUtils.isEmpty(filePath)) { filePath = AuthConstant.DEFAULT_CREDENTIALS_FILE_PATH; } - if (filePath.isEmpty()) { - throw new ClientException("The specified credentials file is empty"); - } - Wini ini; - try { - ini = getIni(filePath); - } catch (IOException e) { - return null; - } - Map> client = loadIni(ini); - Map clientConfig = client.get(AuthUtils.getClientType()); + this.filePath = filePath; + } + + public ProfileCredentialsProvider() { + this(AuthUtils.getEnvironmentCredentialsFile()); + } + + private AlibabaCloudCredentialsProvider getCredentialsProvider(Map clientConfig) throws ClientException { if (clientConfig == null) { throw new ClientException("Client is not open in the specified credentials file"); } - CredentialsProviderFactory credentialsProviderFactory = new CredentialsProviderFactory(); - return createCredential(clientConfig, credentialsProviderFactory); + + String configType = clientConfig.get(AuthConstant.INI_TYPE); + if (StringUtils.isEmpty(configType)) { + throw new ClientException("The configured client type is empty"); + } + if (AuthConstant.INI_TYPE_ARN.equals(configType)) { + return getSTSAssumeRoleSessionCredentialsProvider(clientConfig); + } + if (AuthConstant.INI_TYPE_KEY_PAIR.equals(configType)) { + return getSTSGetSessionAccessKeyCredentialsProvider(clientConfig); + } + if (AuthConstant.INI_TYPE_RAM.equals(configType)) { + return getInstanceProfileCredentialsProvider(clientConfig); + } + if (AuthConstant.INI_TYPE_ACESS_KEY.equals(configType)) { + return getStaticCredentialsProvider(clientConfig); + } + + throw new ClientException(String.format("The configured client type %s is not supported", configType)); + } + + @Override + public AlibabaCloudCredentials getCredentials() throws ClientException { + // lazy load it + if (this.innerProvider == null) { + Wini ini; + try { + ini = getIni(filePath); + } catch (IOException e) { + throw new ClientException("Client is not open in the specified credentials file"); + } + Map> client = loadIni(ini); + Map clientConfig = client.get(AuthUtils.getClientType()); + this.innerProvider = getCredentialsProvider(clientConfig); + } + return this.innerProvider.getCredentials(); } - private Map> loadIni(Wini ini) { + private static Map> loadIni(Wini ini) { Map> client = new HashMap>(); boolean enable; for (Map.Entry clientType : ini.entrySet()) { @@ -65,78 +97,67 @@ private Map> loadIni(Wini ini) { return client; } - private AlibabaCloudCredentials createCredential(Map clientConfig, - CredentialsProviderFactory factory) throws ClientException { - String configType = clientConfig.get(AuthConstant.INI_TYPE); - if (StringUtils.isEmpty(configType)) { - throw new ClientException("The configured client type is empty"); - } - if (AuthConstant.INI_TYPE_ARN.equals(configType)) { - return getSTSAssumeRoleSessionCredentials(clientConfig, factory); - } - if (AuthConstant.INI_TYPE_KEY_PAIR.equals(configType)) { - return getSTSGetSessionAccessKeyCredentials(clientConfig, factory); - } - if (AuthConstant.INI_TYPE_RAM.equals(configType)) { - return getInstanceProfileCredentials(clientConfig, factory); - } - String accessKeyId = clientConfig.get(AuthConstant.INI_ACCESS_KEY_ID); - String accessKeySecret = clientConfig.get(AuthConstant.INI_ACCESS_KEY_IDSECRET); - if (StringUtils.isEmpty(accessKeyId) || StringUtils.isEmpty(accessKeySecret)) { - return null; - } - return new BasicCredentials(accessKeyId, accessKeySecret); - } - - private AlibabaCloudCredentials getSTSAssumeRoleSessionCredentials(Map clientConfig, - CredentialsProviderFactory factory) + private static AlibabaCloudCredentialsProvider getSTSAssumeRoleSessionCredentialsProvider(Map clientConfig) throws ClientException { String accessKeyId = clientConfig.get(AuthConstant.INI_ACCESS_KEY_ID); + if (StringUtils.isEmpty(accessKeyId)) { + throw new ClientException("The configured access_key_id is empty"); + } String accessKeySecret = clientConfig.get(AuthConstant.INI_ACCESS_KEY_IDSECRET); + if (StringUtils.isEmpty(accessKeySecret)) { + throw new ClientException("The configured access_key_secret is empty"); + } String roleSessionName = clientConfig.get(AuthConstant.INI_ROLE_SESSION_NAME); + if (StringUtils.isEmpty(roleSessionName)) { + throw new ClientException("The configured role_session_name is empty"); + } String roleArn = clientConfig.get(AuthConstant.INI_ROLE_ARN); + if (StringUtils.isEmpty(roleArn)) { + throw new ClientException("The configured role_arn is empty"); + } String regionId = clientConfig.get(AuthConstant.DEFAULT_REGION); String policy = clientConfig.get(AuthConstant.INI_POLICY); - if (StringUtils.isEmpty(accessKeyId) || StringUtils.isEmpty(accessKeySecret)) { - throw new ClientException("The configured access_key_id or access_key_secret is empty"); - } - if (StringUtils.isEmpty(roleSessionName) || StringUtils.isEmpty(roleArn)) { - throw new ClientException("The configured role_session_name or role_arn is empty"); - } - STSAssumeRoleSessionCredentialsProvider provider = - factory.createCredentialsProvider(new STSAssumeRoleSessionCredentialsProvider(accessKeyId, - accessKeySecret, roleSessionName, roleArn, regionId, policy)); - return provider.getCredentials(); + + return new STSAssumeRoleSessionCredentialsProvider(accessKeyId, accessKeySecret, roleSessionName, roleArn, regionId, policy); } - private AlibabaCloudCredentials getSTSGetSessionAccessKeyCredentials(Map clientConfig, - CredentialsProviderFactory factory) + private static AlibabaCloudCredentialsProvider getSTSGetSessionAccessKeyCredentialsProvider(Map clientConfig) throws ClientException { String publicKeyId = clientConfig.get(AuthConstant.INI_PUBLIC_KEY_ID); + if (StringUtils.isEmpty(publicKeyId)) { + throw new ClientException("The configured public_key_id is empty"); + } String privateKeyFile = clientConfig.get(AuthConstant.INI_PRIVATE_KEY_FILE); if (StringUtils.isEmpty(privateKeyFile)) { throw new ClientException("The configured private_key_file is empty"); } String privateKey = AuthUtils.readFile(privateKeyFile); - if (StringUtils.isEmpty(publicKeyId) || StringUtils.isEmpty(privateKey)) { - throw new ClientException("The configured public_key_id or private_key_file content is empty"); + if (StringUtils.isEmpty(privateKey)) { + throw new ClientException("The configured private_key_file content is empty"); } - STSGetSessionAccessKeyCredentialsProvider provider = - factory.createCredentialsProvider(new STSGetSessionAccessKeyCredentialsProvider(publicKeyId, privateKey)); - return provider.getCredentials(); + + return new STSGetSessionAccessKeyCredentialsProvider(publicKeyId, privateKey); } - private AlibabaCloudCredentials getInstanceProfileCredentials(Map clientConfig, - CredentialsProviderFactory factory) - throws ClientException { + private static AlibabaCloudCredentialsProvider getInstanceProfileCredentialsProvider(Map clientConfig) throws ClientException { String roleName = clientConfig.get(AuthConstant.INI_ROLE_NAME); if (StringUtils.isEmpty(roleName)) { throw new ClientException("The configured role_name is empty"); } - InstanceProfileCredentialsProvider provider = - factory.createCredentialsProvider(new InstanceProfileCredentialsProvider(roleName)); - return provider.getCredentials(); + + return new InstanceProfileCredentialsProvider(roleName); } + private static AlibabaCloudCredentialsProvider getStaticCredentialsProvider(Map clientConfig) throws ClientException { + String accessKeyId = clientConfig.get(AuthConstant.INI_ACCESS_KEY_ID); + if (StringUtils.isEmpty(accessKeyId)) { + throw new ClientException("The configured access_key_id is empty"); + } + String accessKeySecret = clientConfig.get(AuthConstant.INI_ACCESS_KEY_IDSECRET); + if (StringUtils.isEmpty(accessKeySecret)) { + throw new ClientException("The configured access_key_secret is empty"); + } + return new StaticCredentialsProvider(new BasicCredentials(accessKeyId, accessKeySecret)); + } } diff --git a/aliyun-java-sdk-core/src/test/java/com/aliyuncs/auth/ProfileCredentialsProviderTest.java b/aliyun-java-sdk-core/src/test/java/com/aliyuncs/auth/ProfileCredentialsProviderTest.java index a269ff085f..8cf4492651 100644 --- a/aliyun-java-sdk-core/src/test/java/com/aliyuncs/auth/ProfileCredentialsProviderTest.java +++ b/aliyun-java-sdk-core/src/test/java/com/aliyuncs/auth/ProfileCredentialsProviderTest.java @@ -5,8 +5,10 @@ import org.ini4j.Wini; import org.junit.Assert; import org.junit.Test; -import org.mockito.Mockito; +import org.junit.function.ThrowingRunnable; +import java.io.File; +import java.io.IOException; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; import java.util.HashMap; @@ -14,194 +16,315 @@ public class ProfileCredentialsProviderTest { + @Test + public void constructorTest() { + ProfileCredentialsProvider pcp = new ProfileCredentialsProvider(); + Assert.assertNotNull(pcp); + } @Test - public void getCredentialsTest() throws ClientException { - AuthUtils.setEnvironmentCredentialsFile(""); - ProfileCredentialsProvider provider = new ProfileCredentialsProvider(); - try { - provider.getCredentials(); - Assert.fail(); - } catch (ClientException e) { - Assert.assertEquals("The specified credentials file is empty", e.getMessage()); - } - String filePath = ProfileCredentialsProviderTest.class.getClassLoader(). - getResource("configTest.ini").getPath(); - AuthUtils.setEnvironmentCredentialsFile(filePath); - provider = new ProfileCredentialsProvider(); - Assert.assertNotNull(provider.getCredentials()); - - AuthUtils.setClientType("client5"); - try { - provider.getCredentials(); - Assert.fail(); - } catch (ClientException e) { - Assert.assertEquals("Client is not open in the specified credentials file", e.getMessage()); - } - - AuthUtils.setClientType("default"); + public void loadIniTest() throws NoSuchMethodException, IOException, InvocationTargetException, IllegalAccessException { + Method loadIni = ProfileCredentialsProvider.class.getDeclaredMethod("loadIni", Wini.class); + loadIni.setAccessible(true); + String filePath = ProfileCredentialsProviderTest.class.getClassLoader().getResource("configTest.ini").getPath(); + Map> client = (Map>)loadIni.invoke(ProfileCredentialsProvider.class, new Wini(new File(filePath))); + Assert.assertNotNull(client); + Assert.assertEquals("access_key", client.get("default").get("type")); } @Test - public void createCredentialTest() throws NoSuchMethodException, InvocationTargetException, IllegalAccessException { - ProfileCredentialsProvider provider = new ProfileCredentialsProvider(); - Class providerClass = provider.getClass(); - Method createCredential = providerClass.getDeclaredMethod( - "createCredential", Map.class, CredentialsProviderFactory.class); - createCredential.setAccessible(true); - CredentialsProviderFactory factory = new CredentialsProviderFactory(); - Map client = new HashMap(); - try { - createCredential.invoke(provider, client, factory); - Assert.fail(); - } catch (Exception e) { - Assert.assertEquals("The configured client type is empty", e.getCause().getLocalizedMessage()); - } + public void getIniTest() throws NoSuchMethodException, InvocationTargetException, IllegalAccessException { + Method getIni = ProfileCredentialsProvider.class.getDeclaredMethod("getIni", String.class); + getIni.setAccessible(true); + String filePath = ProfileCredentialsProviderTest.class.getClassLoader().getResource("configTest.ini").getPath(); + ProfileCredentialsProvider pcp = new ProfileCredentialsProvider(filePath); + Wini ini = (Wini)getIni.invoke(pcp, filePath); + Assert.assertEquals(5, ini.entrySet().size()); + } + + @Test + public void getCredentialsProvider() throws NoSuchMethodException, InvocationTargetException, IllegalAccessException { + final Method getCredentialsProvider = ProfileCredentialsProvider.class.getDeclaredMethod("getCredentialsProvider", Map.class); + getCredentialsProvider.setAccessible(true); + InvocationTargetException ex = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + ProfileCredentialsProvider pcp = new ProfileCredentialsProvider(); + getCredentialsProvider.invoke(pcp, (Map)null); + } + }); + Assert.assertEquals("Client is not open in the specified credentials file", ex.getCause().getLocalizedMessage()); + InvocationTargetException ex1 = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + ProfileCredentialsProvider pcp = new ProfileCredentialsProvider(); + Map cc = new HashMap(); + getCredentialsProvider.invoke(pcp, cc); + } + }); + Assert.assertEquals("The configured client type is empty", ex1.getCause().getLocalizedMessage()); - client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_RAM); - try { - createCredential.invoke(provider, client, factory); - Assert.fail(); - } catch (Exception e) { - Assert.assertEquals("The configured role_name is empty", - e.getCause().getLocalizedMessage()); - } - - client.clear(); - client.put(AuthConstant.INI_ACCESS_KEY_ID, AuthConstant.INI_TYPE_RAM); - client.put(AuthConstant.INI_TYPE, "access_key"); - Assert.assertNull(createCredential.invoke(provider, client, factory)); + ProfileCredentialsProvider pcp = new ProfileCredentialsProvider(); + Map cc = new HashMap(); + + // STSAssumeRoleSessionCredentialsProvider + cc.clear(); + cc.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_ARN); + cc.put(AuthConstant.INI_ACCESS_KEY_ID, AuthConstant.INI_TYPE_ARN); + cc.put(AuthConstant.INI_ACCESS_KEY_IDSECRET, AuthConstant.INI_TYPE_ARN); + cc.put(AuthConstant.INI_ROLE_SESSION_NAME, AuthConstant.INI_TYPE_ARN); + cc.put(AuthConstant.INI_ROLE_ARN, AuthConstant.INI_TYPE_ARN); + cc.put(AuthConstant.DEFAULT_REGION, AuthConstant.INI_TYPE_ARN); + Assert.assertTrue(getCredentialsProvider.invoke(pcp, cc) instanceof STSAssumeRoleSessionCredentialsProvider); + + // STSGetSessionAccessKeyCredentialsProvider + cc.clear(); + cc.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_KEY_PAIR); + cc.put(AuthConstant.INI_PUBLIC_KEY_ID, "pkid"); + cc.put(AuthConstant.INI_PRIVATE_KEY, "pk"); + cc.put(AuthConstant.INI_PRIVATE_KEY_FILE, AuthConstant.INI_TYPE_KEY_PAIR); + Assert.assertTrue(getCredentialsProvider.invoke(pcp, cc) instanceof STSGetSessionAccessKeyCredentialsProvider); + // InstanceProfileCredentialsProvider + cc.clear(); + cc.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_RAM); + cc.put(AuthConstant.INI_ROLE_NAME, "role_name"); + Assert.assertTrue(getCredentialsProvider.invoke(pcp, cc) instanceof InstanceProfileCredentialsProvider); + + cc.clear(); + cc.put(AuthConstant.INI_TYPE, "access_key"); + cc.put(AuthConstant.INI_ACCESS_KEY_ID, "akid"); + cc.put(AuthConstant.INI_ACCESS_KEY_IDSECRET, "aksecret"); + Assert.assertTrue(getCredentialsProvider.invoke(pcp, cc) instanceof StaticCredentialsProvider); + InvocationTargetException ex4 = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + ProfileCredentialsProvider pcp = new ProfileCredentialsProvider(); + Map cc = new HashMap(); + cc.put(AuthConstant.INI_TYPE, "invalid_type"); + getCredentialsProvider.invoke(pcp, cc); + } + }); + Assert.assertEquals("The configured client type invalid_type is not supported", ex4.getCause().getLocalizedMessage()); } @Test - public void getSTSAssumeRoleSessionCredentialsTest() throws NoSuchMethodException { - ProfileCredentialsProvider provider = new ProfileCredentialsProvider(); - Class providerClass = provider.getClass(); - Method createCredential = providerClass.getDeclaredMethod( - "createCredential", Map.class, CredentialsProviderFactory.class); - createCredential.setAccessible(true); - CredentialsProviderFactory factory = new CredentialsProviderFactory(); + public void getSTSAssumeRoleSessionCredentialsProviderTest() throws NoSuchMethodException, InvocationTargetException, IllegalAccessException { + Method getSTSAssumeRoleSessionCredentialsProvider = ProfileCredentialsProvider.class.getDeclaredMethod("getSTSAssumeRoleSessionCredentialsProvider", Map.class); + getSTSAssumeRoleSessionCredentialsProvider.setAccessible(true); Map client = new HashMap(); client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_ARN); - try { - createCredential.invoke(provider, client, factory); - Assert.fail(); - } catch (Exception e) { - Assert.assertEquals("The configured access_key_id or access_key_secret is empty", - e.getCause().getLocalizedMessage()); - } - - try { - client.put(AuthConstant.INI_ACCESS_KEY_ID, AuthConstant.INI_TYPE_ARN); - createCredential.invoke(provider, client, factory); - Assert.fail(); - } catch (Exception e) { - Assert.assertEquals("The configured access_key_id or access_key_secret is empty", - e.getCause().getLocalizedMessage()); - } - try { - client.put(AuthConstant.INI_ACCESS_KEY_IDSECRET, AuthConstant.INI_TYPE_ARN); - createCredential.invoke(provider, client, factory); - Assert.fail(); - } catch (Exception e) { - Assert.assertEquals("The configured role_session_name or role_arn is empty", - e.getCause().getLocalizedMessage()); - } - try { - client.put(AuthConstant.INI_ROLE_SESSION_NAME, AuthConstant.INI_TYPE_ARN); - createCredential.invoke(provider, client, factory); - } catch (Exception e) { - Assert.assertEquals("The configured role_session_name or role_arn is empty", - e.getCause().getLocalizedMessage()); - } + client.put(AuthConstant.INI_ACCESS_KEY_ID, AuthConstant.INI_TYPE_ARN); + client.put(AuthConstant.INI_ACCESS_KEY_IDSECRET, AuthConstant.INI_TYPE_ARN); + client.put(AuthConstant.INI_ROLE_SESSION_NAME, AuthConstant.INI_TYPE_ARN); + client.put(AuthConstant.INI_ROLE_ARN, AuthConstant.INI_TYPE_ARN); + client.put(AuthConstant.DEFAULT_REGION, AuthConstant.INI_TYPE_ARN); + + AlibabaCloudCredentialsProvider p = (AlibabaCloudCredentialsProvider) getSTSAssumeRoleSessionCredentialsProvider.invoke(ProfileCredentialsProvider.class, client); + Assert.assertTrue(p instanceof STSAssumeRoleSessionCredentialsProvider); + } + + @Test + public void getSTSAssumeRoleSessionCredentialsProviderTestCase1() throws NoSuchMethodException, InvocationTargetException, IllegalAccessException { + final Method getSTSAssumeRoleSessionCredentialsProvider = ProfileCredentialsProvider.class.getDeclaredMethod("getSTSAssumeRoleSessionCredentialsProvider", Map.class); + getSTSAssumeRoleSessionCredentialsProvider.setAccessible(true); + + InvocationTargetException ex = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + Map client = new HashMap(); + client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_ARN); + getSTSAssumeRoleSessionCredentialsProvider.invoke(ProfileCredentialsProvider.class, client); + } + }); + Assert.assertEquals("The configured access_key_id is empty", ex.getCause().getLocalizedMessage()); + + InvocationTargetException ex1 = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + Map client = new HashMap(); + client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_ARN); + client.put(AuthConstant.INI_ACCESS_KEY_ID, "akid"); + getSTSAssumeRoleSessionCredentialsProvider.invoke(ProfileCredentialsProvider.class, client); + } + }); + Assert.assertEquals("The configured access_key_secret is empty", ex1.getCause().getLocalizedMessage()); + + + InvocationTargetException ex2 = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + Map client = new HashMap(); + client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_ARN); + client.put(AuthConstant.INI_ACCESS_KEY_ID, "akid"); + client.put(AuthConstant.INI_ACCESS_KEY_IDSECRET, "aksecret"); + getSTSAssumeRoleSessionCredentialsProvider.invoke(ProfileCredentialsProvider.class, client); + } + }); + Assert.assertEquals("The configured role_session_name is empty", ex2.getCause().getLocalizedMessage()); + + InvocationTargetException ex3 = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + Map client = new HashMap(); + client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_ARN); + client.put(AuthConstant.INI_ACCESS_KEY_ID, "akid"); + client.put(AuthConstant.INI_ACCESS_KEY_IDSECRET, "aksecret"); + client.put(AuthConstant.INI_ROLE_SESSION_NAME, "rsn"); + getSTSAssumeRoleSessionCredentialsProvider.invoke(ProfileCredentialsProvider.class, client); + } + }); + Assert.assertEquals("The configured role_arn is empty", ex3.getCause().getLocalizedMessage()); } @Test - public void getSTSGetSessionAccessKeyCredentialsTest() throws NoSuchMethodException { - ProfileCredentialsProvider provider = new ProfileCredentialsProvider(); - Class providerClass = provider.getClass(); - Method createCredential = providerClass.getDeclaredMethod( - "createCredential", Map.class, CredentialsProviderFactory.class); - createCredential.setAccessible(true); - CredentialsProviderFactory factory = new CredentialsProviderFactory(); + public void getSTSGetSessionAccessKeyCredentialsTest() throws NoSuchMethodException, InvocationTargetException, IllegalAccessException { + Method getSTSGetSessionAccessKeyCredentialsProvider = ProfileCredentialsProvider.class.getDeclaredMethod("getSTSGetSessionAccessKeyCredentialsProvider", Map.class); + getSTSGetSessionAccessKeyCredentialsProvider.setAccessible(true); Map client = new HashMap(); client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_KEY_PAIR); - try { - createCredential.invoke(provider, client, factory); - Assert.fail(); - } catch (Exception e) { - Assert.assertEquals("The configured private_key_file is empty", - e.getCause().getLocalizedMessage()); - } - client.put(AuthConstant.INI_PRIVATE_KEY_FILE, "sads"); - try { - createCredential.invoke(provider, client, factory); - Assert.fail(); - } catch (Exception e) { - Assert.assertEquals("The configured public_key_id or private_key_file content is empty", - e.getCause().getLocalizedMessage()); - } + client.put(AuthConstant.INI_PUBLIC_KEY_ID, "pkid"); + client.put(AuthConstant.INI_PRIVATE_KEY, "pk"); + client.put(AuthConstant.INI_PRIVATE_KEY_FILE, AuthConstant.INI_TYPE_KEY_PAIR); + AuthUtils.setPrivateKey("test"); + AlibabaCloudCredentialsProvider p = (AlibabaCloudCredentialsProvider) getSTSGetSessionAccessKeyCredentialsProvider.invoke(ProfileCredentialsProvider.class, client); + Assert.assertTrue(p instanceof STSGetSessionAccessKeyCredentialsProvider); + AuthUtils.setPrivateKey(null); } + @Test + public void getSTSGetSessionAccessKeyCredentialsTestCase1() throws NoSuchMethodException { + final Method getSTSGetSessionAccessKeyCredentialsProvider = ProfileCredentialsProvider.class.getDeclaredMethod("getSTSGetSessionAccessKeyCredentialsProvider", Map.class); + getSTSGetSessionAccessKeyCredentialsProvider.setAccessible(true); + + InvocationTargetException ex = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + Map client = new HashMap(); + client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_KEY_PAIR); + getSTSGetSessionAccessKeyCredentialsProvider.invoke(ProfileCredentialsProvider.class, client); + } + }); + Assert.assertEquals("The configured public_key_id is empty", ex.getCause().getLocalizedMessage()); + + InvocationTargetException ex2 = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + Map client = new HashMap(); + client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_KEY_PAIR); + client.put(AuthConstant.INI_PUBLIC_KEY_ID, "pkid"); + + getSTSGetSessionAccessKeyCredentialsProvider.invoke(ProfileCredentialsProvider.class, client); + } + }); + Assert.assertEquals("The configured private_key_file is empty", ex2.getCause().getLocalizedMessage()); + + InvocationTargetException ex3 = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + Map client = new HashMap(); + client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_KEY_PAIR); + client.put(AuthConstant.INI_PUBLIC_KEY_ID, "pkid"); + client.put(AuthConstant.INI_PRIVATE_KEY_FILE, "pkfile"); + getSTSGetSessionAccessKeyCredentialsProvider.invoke(ProfileCredentialsProvider.class, client); + } + }); + Assert.assertEquals("The configured private_key_file content is empty", ex3.getCause().getLocalizedMessage()); + } @Test - public void createCredentialsProviderTest() throws - NoSuchMethodException, InvocationTargetException, IllegalAccessException, ClientException { - ProfileCredentialsProvider profileCredentialsProvider = new ProfileCredentialsProvider(); - Class providerClass = profileCredentialsProvider.getClass(); - Method createCredential = providerClass.getDeclaredMethod( - "createCredential", Map.class, CredentialsProviderFactory.class); - createCredential.setAccessible(true); + public void getInstanceProfileCredentialsProviderTest() throws NoSuchMethodException, InvocationTargetException, IllegalAccessException { + Method getInstanceProfileCredentialsProvider = ProfileCredentialsProvider.class.getDeclaredMethod("getInstanceProfileCredentialsProvider", Map.class); + getInstanceProfileCredentialsProvider.setAccessible(true); Map client = new HashMap(); - client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_ARN); - client.put(AuthConstant.INI_ACCESS_KEY_ID, AuthConstant.INI_TYPE_ARN); - client.put(AuthConstant.INI_ACCESS_KEY_IDSECRET, AuthConstant.INI_TYPE_ARN); - client.put(AuthConstant.INI_ROLE_SESSION_NAME, AuthConstant.INI_TYPE_ARN); - client.put(AuthConstant.INI_ROLE_ARN, AuthConstant.INI_TYPE_ARN); - client.put(AuthConstant.DEFAULT_REGION, AuthConstant.INI_TYPE_ARN); - STSAssumeRoleSessionCredentialsProvider stsAssumeRoleSessionCredentialsProvider = - Mockito.mock(STSAssumeRoleSessionCredentialsProvider.class); - Mockito.when(stsAssumeRoleSessionCredentialsProvider.getCredentials()).thenReturn(null); - CredentialsProviderFactory factory = Mockito.mock(CredentialsProviderFactory.class); - Mockito.when(factory.createCredentialsProvider(Mockito.any(STSAssumeRoleSessionCredentialsProvider.class))). - thenReturn(stsAssumeRoleSessionCredentialsProvider); - Assert.assertNull(createCredential.invoke(profileCredentialsProvider, client, factory)); - - client.clear(); - client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_KEY_PAIR); - client.put(AuthConstant.INI_PUBLIC_KEY_ID, AuthConstant.INI_TYPE_KEY_PAIR); - client.put(AuthConstant.INI_PRIVATE_KEY, AuthConstant.INI_TYPE_KEY_PAIR); - client.put(AuthConstant.INI_PRIVATE_KEY_FILE, ProfileCredentialsProviderTest.class.getClassLoader().getResource("test").getPath()); - STSGetSessionAccessKeyCredentialsProvider stsGetSessionAccessKeyCredentialsProvider = - Mockito.mock(STSGetSessionAccessKeyCredentialsProvider.class); - Mockito.when(stsGetSessionAccessKeyCredentialsProvider.getCredentials()).thenReturn(null); - Mockito.when(factory.createCredentialsProvider(Mockito.any(STSGetSessionAccessKeyCredentialsProvider.class))). - thenReturn(stsGetSessionAccessKeyCredentialsProvider); - Assert.assertNull(createCredential.invoke(profileCredentialsProvider, client, factory)); - - client.clear(); client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_RAM); client.put(AuthConstant.INI_ROLE_NAME, AuthConstant.INI_TYPE_KEY_PAIR); - InstanceProfileCredentialsProvider instanceProfileCredentialsProvider = - Mockito.mock(InstanceProfileCredentialsProvider.class); - Mockito.when(instanceProfileCredentialsProvider.getCredentials()).thenReturn(null); - Mockito.when(factory.createCredentialsProvider(Mockito.any(InstanceProfileCredentialsProvider.class))). - thenReturn(instanceProfileCredentialsProvider); - Assert.assertNull(createCredential.invoke(profileCredentialsProvider, client, factory)); + AlibabaCloudCredentialsProvider p = (AlibabaCloudCredentialsProvider) getInstanceProfileCredentialsProvider.invoke(ProfileCredentialsProvider.class, client); + Assert.assertTrue(p instanceof InstanceProfileCredentialsProvider); } @Test - public void getIniTest() throws NoSuchMethodException, InvocationTargetException, IllegalAccessException { - ProfileCredentialsProvider profileCredentialsProvider = new ProfileCredentialsProvider(); - Class providerClass = profileCredentialsProvider.getClass(); - Method getIni = providerClass.getDeclaredMethod( - "getIni", String.class); - getIni.setAccessible(true); - String file = ProfileCredentialsProviderTest.class.getClassLoader(). - getResource("configTest.ini").getPath(); - Wini firstIni = (Wini) getIni.invoke(profileCredentialsProvider, file); - Wini secondIni = (Wini) getIni.invoke(profileCredentialsProvider, file); - Assert.assertTrue(firstIni.equals(secondIni)); + public void getInstanceProfileCredentialsProviderTestCase1() throws NoSuchMethodException { + final Method getInstanceProfileCredentialsProvider = ProfileCredentialsProvider.class.getDeclaredMethod("getInstanceProfileCredentialsProvider", Map.class); + getInstanceProfileCredentialsProvider.setAccessible(true); + + InvocationTargetException ex = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + Map client = new HashMap(); + client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_RAM); + getInstanceProfileCredentialsProvider.invoke(ProfileCredentialsProvider.class, client); + } + }); + Assert.assertEquals("The configured role_name is empty", ex.getCause().getLocalizedMessage()); + } + + public void getStaticCredentialsProviderTest() throws NoSuchMethodException, InvocationTargetException, IllegalAccessException { + Method getStaticCredentialsProvider = ProfileCredentialsProvider.class.getDeclaredMethod("getStaticCredentialsProvider", Map.class); + getStaticCredentialsProvider.setAccessible(true); + Map client = new HashMap(); + client.put(AuthConstant.INI_TYPE, AuthConstant.INI_TYPE_RAM); + client.put(AuthConstant.INI_ROLE_NAME, AuthConstant.INI_TYPE_KEY_PAIR); + AlibabaCloudCredentialsProvider p = (AlibabaCloudCredentialsProvider) getStaticCredentialsProvider.invoke(ProfileCredentialsProvider.class, client); + Assert.assertTrue(p instanceof InstanceProfileCredentialsProvider); + } + + @Test + public void getStaticCredentialsProviderTestCase1() throws NoSuchMethodException { + final Method getStaticCredentialsProvider = ProfileCredentialsProvider.class.getDeclaredMethod("getStaticCredentialsProvider", Map.class); + getStaticCredentialsProvider.setAccessible(true); + + InvocationTargetException ex2 = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + ProfileCredentialsProvider pcp = new ProfileCredentialsProvider(); + Map cc = new HashMap(); + cc.put(AuthConstant.INI_TYPE, "access_key"); + getStaticCredentialsProvider.invoke(pcp, cc); + } + }); + Assert.assertEquals("The configured access_key_id is empty", ex2.getCause().getLocalizedMessage()); + } + + @Test + public void getStaticCredentialsProviderTestCase2() throws NoSuchMethodException { + final Method getStaticCredentialsProvider = ProfileCredentialsProvider.class.getDeclaredMethod("getStaticCredentialsProvider", Map.class); + getStaticCredentialsProvider.setAccessible(true); + + InvocationTargetException ex2 = Assert.assertThrows(InvocationTargetException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + ProfileCredentialsProvider pcp = new ProfileCredentialsProvider(); + Map cc = new HashMap(); + cc.put(AuthConstant.INI_TYPE, "access_key"); + cc.put(AuthConstant.INI_ACCESS_KEY_ID, "akid"); + getStaticCredentialsProvider.invoke(pcp, cc); + } + }); + Assert.assertEquals("The configured access_key_secret is empty", ex2.getCause().getLocalizedMessage()); + } + + @Test + public void getCredentialsTest() throws ClientException { + String filePath = ProfileCredentialsProviderTest.class.getClassLoader().getResource("configTest.ini").getPath(); + ProfileCredentialsProvider pcp = new ProfileCredentialsProvider(filePath); + AlibabaCloudCredentials c = pcp.getCredentials(); + Assert.assertEquals("foo", c.getAccessKeyId()); + Assert.assertEquals("bar", c.getAccessKeySecret()); + AlibabaCloudCredentials c1 = pcp.getCredentials(); + Assert.assertEquals("foo", c1.getAccessKeyId()); + Assert.assertEquals("bar", c1.getAccessKeySecret()); + } + + @Test + public void getCredentialsTestCase1() throws ClientException { + final ProfileCredentialsProvider pcp = new ProfileCredentialsProvider("/path/to/invalid.ini"); + ClientException ce = Assert.assertThrows(ClientException.class, new ThrowingRunnable() { + @Override + public void run() throws Throwable { + pcp.getCredentials(); + } + }); + Assert.assertEquals("Client is not open in the specified credentials file", ce.getMessage()); } }