1 /**
2  * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3  * SPDX-License-Identifier: Apache-2.0.
4  */
5 package software.amazon.awssdk.crt.auth.credentials;
6 
7 import java.lang.IllegalArgumentException;
8 
9 /**
10  * A class that wraps the a credentials provider that returns a fixed set of credentials
11  */
12 public class StaticCredentialsProvider extends CredentialsProvider {
13 
14     /**
15      * A simple builder class for a static credentials provider and its options
16      */
17     static public class StaticCredentialsProviderBuilder {
18 
19         private byte[] accessKeyId;
20         private byte[] secretAccessKey;
21         private byte[] sessionToken;
22 
23         /**
24          * Default constructor
25          */
StaticCredentialsProviderBuilder()26         public StaticCredentialsProviderBuilder() {}
27 
28         /**
29          * Sets the AWS access key id to use within the static credentials
30          * @param accessKeyId AWS access key id to use
31          * @return this builder object
32          */
withAccessKeyId(byte[] accessKeyId)33         public StaticCredentialsProviderBuilder withAccessKeyId(byte[] accessKeyId) {
34             this.accessKeyId = accessKeyId;
35 
36             return this;
37         }
38 
getAccessKeyId()39         byte[] getAccessKeyId() { return accessKeyId; }
40 
41         /**
42          * Sets the AWS secret access key to use within the static credentials
43          * @param secretAccessKey AWS secret access key to use
44          * @return this builder object
45          */
withSecretAccessKey(byte[] secretAccessKey)46         public StaticCredentialsProviderBuilder withSecretAccessKey(byte[] secretAccessKey) {
47             this.secretAccessKey = secretAccessKey;
48 
49             return this;
50         }
51 
getSecretAccessKey()52         byte[] getSecretAccessKey() { return secretAccessKey; }
53 
54         /**
55          * Sets the AWS session token to use within the static credentials.  Session credentials are inherently
56          * time-bound; static providers do not provide any mechanism to update session-based credentials, and use
57          * of session-based credentials with a static provider is discouraged.
58          * @param sessionToken AWS session token to use
59          * @return this builder object
60          */
withSessionToken(byte[] sessionToken)61         public StaticCredentialsProviderBuilder withSessionToken(byte[] sessionToken) {
62             this.sessionToken = sessionToken;
63 
64             return this;
65         }
66 
getSessionToken()67         byte[] getSessionToken() { return sessionToken; }
68 
69         /**
70          * sets the entire credential set to use within the static credentials provider.  Overrides all three
71          * components.
72          * @param credentials AWS credentials to use
73          * @return this builder object
74          */
withCredentials(Credentials credentials)75         public StaticCredentialsProviderBuilder withCredentials(Credentials credentials) {
76             this.accessKeyId = credentials.getAccessKeyId();
77             this.secretAccessKey = credentials.getSecretAccessKey();
78             this.sessionToken = credentials.getSessionToken();
79 
80             return this;
81         }
82 
83         /**
84          * Builds a new static credentials provider based on the builder configuration
85          * @return a new static credentials provider
86          */
build()87         public StaticCredentialsProvider build() {
88             return new StaticCredentialsProvider(this);
89         }
90     }
91 
StaticCredentialsProvider(StaticCredentialsProviderBuilder builder)92     private StaticCredentialsProvider(StaticCredentialsProviderBuilder builder) {
93         super();
94         byte[] accessKeyId = builder.getAccessKeyId();
95         byte[] secretAccessKey = builder.getSecretAccessKey();
96         if (accessKeyId == null || secretAccessKey == null) {
97             throw new IllegalArgumentException("StaticCredentialsProvider - accessKeyId and secretAccessKey must be non null");
98         }
99 
100         byte[] sessionToken = builder.getSessionToken();
101 
102         long nativeHandle = staticCredentialsProviderNew(this, accessKeyId, secretAccessKey, sessionToken);
103         acquireNativeHandle(nativeHandle);
104     }
105 
106     /*******************************************************************************
107      * Native methods
108      ******************************************************************************/
109 
staticCredentialsProviderNew(StaticCredentialsProvider thisObj, byte[] accessKeyId, byte[] secretAccessKey, byte[] sessionToken)110     private static native long staticCredentialsProviderNew(StaticCredentialsProvider thisObj, byte[] accessKeyId, byte[] secretAccessKey, byte[] sessionToken);
111 }
112