/** * @dataProvider dataForRetryableErrorTest */ public function testReturnsTrueForRetryableErrors(Response $response, $retry) { $client = $this->getServiceBuilder()->get('s3', true); $lines = array(); $log = new LogPlugin(new ClosureLogAdapter(function ($message) use(&$lines) { $lines[] = $message; }), "{request}"); $client->addSubscriber($log); $imc = InstanceMetadataClient::factory(array()); $imc->setBaseUrl('http://localhost:123'); $credentials = new RefreshableInstanceProfileCredentials(new Credentials('foo', 'baz', 'bar', time() + 10000), $imc); $mock = $this->setMockResponse($imc, array('metadata/iam_security_credentials', 'metadata/iam_security_credentials_webapp')); $client->setCredentials($credentials); $this->setMockResponse($client, array($response, new Response(200))); $request = $client->get('/'); try { $request->send(); if (!$retry) { $this->fail('Should have thrown an exception'); } // Ensure that the instance profile client sent two requests $this->assertEquals(2, count($mock->getReceivedRequests())); $this->assertEquals(2, count($lines)); $this->assertContains('x-amz-security-token: bar', $lines[0]); $this->assertContains('x-amz-security-token: AxCusEXAMPLEFooBarBaz', $lines[1]); } catch (\Exception $e) { if ($retry) { $this->fail('Threw exception when not expected: ' . $e->getMessage()); } $this->assertCount(0, $mock->getReceivedRequests()); } }
/** * @expectedException \Aws\Common\Exception\InstanceProfileCredentialsException * @expectedExceptionMessage Unexpected response code: InstanceProfileNotFound */ public function testEnsuresResponseCodeIsSuccess() { $client = InstanceMetadataClient::factory(); $mock = new MockPlugin(array($this->getMockResponse('metadata/iam_security_credentials'), new Response(200, null, '{ "Code": "InstanceProfileNotFound" }'))); $client->getEventDispatcher()->addSubscriber($mock); $client->getInstanceProfileCredentials(); }
public function testCreatesDefaultPluginForConfig() { list($config, $plugin, $resolver) = $this->getMocks(); // Ensure that an backoff plugin is on the client $config->set('resolvers', array($resolver)); $client = Client::factory(); $resolver->resolve($config, $client); $this->assertTrue($this->hasSubscriber($client, $plugin)); }
/** * Attempt to get new credentials from the instance profile * * @throws InstanceProfileCredentialsException On error */ protected function refresh() { try { $request = $this->client->get('meta-data/iam/security-credentials/'); $request->getCurlOptions()->set(CURLOPT_TIMEOUT, 1)->set(CURLOPT_CONNECTTIMEOUT, 1); $credentials = trim($request->send()->getBody(true)); $json = $this->client->get("meta-data/iam/security-credentials/{$credentials}")->send()->getBody(true); $result = json_decode($json, true); } catch (\Exception $e) { $message = 'Error retrieving credentials from the instance profile metadata server. When you are not' . ' running inside of Amazon EC2, you must provide your AWS access key ID and secret access key in' . ' the "key" and "secret" options when creating a client or provide an instantiated' . ' Aws\\Common\\Credentials\\CredentialsInterface object.'; throw new InstanceProfileCredentialsException($message, $e->getCode(), $e); } // Ensure that the status code was successful if ($result['Code'] !== 'Success') { $e = new InstanceProfileCredentialsException('Unexpected response code: ' . $result['Code']); $e->setStatusCode($result['Code']); throw $e; } $this->credentials->setAccessKeyId($result['AccessKeyId'])->setSecretKey($result['SecretAccessKey'])->setSecurityToken($result['Token'])->setExpiration(strtotime($result['Expiration'])); }
public function testCanWait() { $waiter = $this->getMockBuilder('Aws\\Common\\Waiter\\AbstractResourceWaiter')->setMethods(array('wait'))->getMockForAbstractClass(); $client = InstanceMetadataClient::factory(); $waiter->setClient($client); $this->assertSame($client, $this->readAttribute($waiter, 'client')); $config = array('baz' => 'bar'); $waiter->setConfig($config); $this->assertSame($config, $this->readAttribute($waiter, 'config')); $resourceId = 'foo'; $waiter->setResourceId($resourceId); $this->assertSame($resourceId, $this->readAttribute($waiter, 'resourceId')); try { $waiter->wait(); } catch (\Exception $e) { } }
/** * Create Policy for S3 Upload. */ public function createPolicy() { date_default_timezone_set('UTC'); $base_time = time(); // will be replaced from Env var or IAM Role if (isset($_SERVER['OSS_AWS_ACCESS_ID']) && isset($_SERVER['OSS_AWS_SECRET_KEY'])) { $access_id = $_SERVER['OSS_AWS_ACCESS_ID']; $secret_key = $_SERVER['OSS_AWS_SECRET_KEY']; $security_token = ''; } else { $meta_client = InstanceMetadataClient::factory(); $credentials = $meta_client->getInstanceProfileCredentials(); $access_id = $credentials->getAccessKeyId(); $secret_key = $credentials->getSecretKey(); $security_token = $credentials->getSecurityToken(); } $region = Configure::read('region'); $bucket_name = Configure::read('bucket_name'); return $this->populatePolicy($base_time, $access_id, $secret_key, $security_token, $region, $bucket_name); }
public function testCredentialsUsesApcCacheWhenCacheIsTrue() { if (!extension_loaded('apc')) { $this->markTestSkipped('APC is not installed'); } $client = InstanceMetadataClient::factory(); $credentials = Credentials::factory(array('credentials.client' => $client, 'credentials.cache' => true)); $this->assertInstanceOf('Aws\\Common\\Credentials\\CacheableCredentials', $credentials); $this->assertInstanceOf('Guzzle\\Cache\\DoctrineCacheAdapter', $this->readAttribute($credentials, 'cache')); }
/** * Attempt to get new credentials from the instance profile * * @throws InstanceProfileCredentialsException On error */ protected function refresh() { $credentials = $this->client->getInstanceProfileCredentials(); // Expire the token 1 minute before it actually expires to pre-fetch before expiring $this->credentials->setAccessKeyId($credentials->getAccessKeyId())->setSecretKey($credentials->getSecretKey())->setSecurityToken($credentials->getSecurityToken())->setExpiration($credentials->getExpiration()); }
protected function getMetadataCredentials() { $client = InstanceMetadataClient::factory(array()); $credentials = new RefreshableInstanceProfileCredentials(new Credentials('foo', 'baz', 'bar', 1), $client); return array($client, $credentials); }
public function testCredentialsUsesApcCacheWhenCacheIsTrue() { $client = InstanceMetadataClient::factory(); $credentials = Credentials::factory(array('credentials.client' => $client, 'credentials.cache' => true)); $this->assertInstanceOf('Aws\\Common\\Credentials\\CacheableCredentials', $credentials); $this->assertInstanceOf('Guzzle\\Cache\\DoctrineCacheAdapter', $this->readAttribute($credentials, 'cache')); }
/** * @covers Aws\Common\InstanceMetadata\InstanceMetadataClient::getCredentials */ public function testCredentialsAreNull() { $client = InstanceMetadataClient::factory(); $this->assertNull($client->getCredentials()); }
/** * Attempt to get new credentials from the instance profile * * @throws InstanceProfileCredentialsException On error */ protected function refresh() { $credentials = $this->client->getInstanceProfileCredentials(); // Expire the token 30 minutes early to pre-fetch before expiring. $this->credentials->setAccessKeyId($credentials->getAccessKeyId())->setSecretKey($credentials->getSecretKey())->setSecurityToken($credentials->getSecurityToken())->setExpiration($credentials->getExpiration() - 1800); }
/** * Attempt to get new credentials from the instance profile * * @throws InstanceProfileCredentialsException On error */ protected function refresh() { $credentials = $this->client->getInstanceProfileCredentials(); $this->credentials->setAccessKeyId($credentials->getAccessKeyId())->setSecretKey($credentials->getSecretKey())->setSecurityToken($credentials->getSecurityToken())->setExpiration($credentials->getExpiration()); }