Mirroristas/gun
2
0
Fork 0
mirror of https://github.com/amark/gun.git synced 2025-06-09 07:36:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
gun/node_modules/aws-sdk/lib/credentials/temporary_credentials.js
theory 1df561f729 yay
2014-04-01 00:47:41 -06:00

104 lines
3.9 KiB
JavaScript
Raw Blame History

var AWS = require('../core');
/**
* Represents temporary credentials retrieved from {AWS.STS}. Without any
* extra parameters, credentials will be fetched from the
* {AWS.STS.getSessionToken} operation. If an IAM role is provided, the
* {AWS.STS.assumeRole} operation will be used to fetch credentials for the
* role instead.
*
* To setup temporary credentials, configure a set of master credentials
* using the standard credentials providers (environment, EC2 instance metadata,
* or from the filesystem), then set the global credentials to a new
* temporary credentials object:
*
* ```javascript
* // Note that environment credentials are loaded by default,
* // the following line is shown for clarity:
* AWS.config.credentials = new AWS.EnvironmentCredentials('AWS');
*
* // Now set temporary credentials seeded from the master credentials
* AWS.config.credentials = new AWS.TemporaryCredentials();
*
* // subsequent requests will now use temporary credentials from AWS STS.
* new AWS.S3().listBucket(function(err, data) { ... });
* ```
*
* @!attribute masterCredentials
* @return [AWS.Credentials] the master (non-temporary) credentials used to
* get and refresh temporary credentials from AWS STS.
* @note (see constructor)
*/
AWS.TemporaryCredentials = AWS.util.inherit(AWS.Credentials, {
/**
* Creates a new temporary credentials object.
*
* @note In order to create temporary credentials, you first need to have
* "master" credentials configured in {AWS.Config.credentials}. These
* master credentials are necessary to retrieve the temporary credentials,
* as well as refresh the credentials when they expire.
* @param params [map] a map of options that are passed to the
* {AWS.STS.assumeRole} or {AWS.STS.getSessionToken} operations.
* If a `RoleArn` parameter is passed in, credentials will be based on the
* IAM role.
* @example Creating a new credenials object for generic temporary credentials
* AWS.config.credentials = new AWS.TemporaryCredentials();
* @example Creating a new credentials object for an IAM role
* AWS.config.credentials = new AWS.TemporaryCredentials({
* RoleArn: 'arn:aws:iam::1234567890:role/TemporaryCredentials',
* });
* @see AWS.STS.assumeRole
* @see AWS.STS.getSessionToken
*/
constructor: function TemporaryCredentials(params) {
AWS.Credentials.call(this);
this.loadMasterCredentials();
this.service = new AWS.STS();
this.expired = true;
this.params = params || {};
if (this.params.RoleArn) {
this.params.RoleSessionName =
this.params.RoleSessionName || 'temporary-credentials';
}
},
/**
* Refreshes credentials using {AWS.STS.assumeRole} or
* {AWS.STS.getSessionToken}, depending on whether an IAM role ARN was passed
* to the credentials {constructor}.
*
* @callback callback function(err)
* Called when the STS service responds (or fails). When
* this callback is called with no error, it means that the credentials
* information has been loaded into the object (as the `accessKeyId`,
* `secretAccessKey`, and `sessionToken` properties).
* @param err [Error] if an error occurred, this value will be filled
* @see get
*/
refresh: function refresh(callback) {
var self = this;
if (!callback) callback = function(err) { if (err) throw err; };
self.service.config.credentials = self.masterCredentials;
var operation = self.params.RoleArn ?
self.service.assumeRole : self.service.getSessionToken;
operation.call(self.service, self.params, function (err, data) {
if (!err) {
self.service.credentialsFrom(data, self);
}
callback(err);
});
},
/**
* @api private
*/
loadMasterCredentials: function loadMasterCredentials() {
this.masterCredentials = AWS.config.credentials;
while (this.masterCredentials.masterCredentials) {
this.masterCredentials = this.masterCredentials.masterCredentials;
}
}
});
Reference in New Issue View Git Blame Copy Permalink