RamRoleArnProvider.php 2.31 KB
Edit Raw Blame History



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84


<?php

namespace AlibabaCloud\Client\Credentials\Providers;

use AlibabaCloud\Client\AlibabaCloud;
use AlibabaCloud\Client\Credentials\Requests\AssumeRole;
use AlibabaCloud\Client\Credentials\StsCredential;
use AlibabaCloud\Client\Exception\ClientException;
use AlibabaCloud\Client\Exception\ServerException;
use AlibabaCloud\Client\Request\Request;
use AlibabaCloud\Client\Result\Result;
use AlibabaCloud\Client\SDK;

/**
 * Class RamRoleArnProvider
 *
 * @package   AlibabaCloud\Client\Credentials\Providers
 */
class RamRoleArnProvider extends Provider
{

    /**
     * Get credential.
     *
     *
     * @param int $timeout
     * @param int $connectTimeout
     *
     * @return StsCredential
     * @throws ClientException
     * @throws ServerException
     */
    public function get($timeout = Request::TIMEOUT, $connectTimeout = Request::CONNECT_TIMEOUT)
    {
        $credential = $this->getCredentialsInCache();

        if (null === $credential) {
            $result = $this->request($timeout, $connectTimeout);

            if (!isset($result['Credentials']['AccessKeyId'],
                $result['Credentials']['AccessKeySecret'],
                $result['Credentials']['SecurityToken'])) {
                throw new ServerException($result, $this->error, SDK::INVALID_CREDENTIAL);
            }

            $credential = $result['Credentials'];
            $this->cache($credential);
        }

        return new StsCredential(
            $credential['AccessKeyId'],
            $credential['AccessKeySecret'],
            $credential['SecurityToken']
        );
    }

    /**
     * Get credentials by request.
     *
     * @param $timeout
     * @param $connectTimeout
     *
     * @return Result
     * @throws ClientException
     * @throws ServerException
     */
    private function request($timeout, $connectTimeout)
    {
        $clientName = __CLASS__ . \uniqid('ak', true);
        $credential = $this->client->getCredential();

        AlibabaCloud::accessKeyClient(
            $credential->getAccessKeyId(),
            $credential->getAccessKeySecret()
        )->name($clientName);

        return (new AssumeRole($credential))
            ->client($clientName)
            ->timeout($timeout)
            ->connectTimeout($connectTimeout)
            ->debug($this->client->isDebug())
            ->request();
    }
}