public function testThatAssumeRoleWithWebIdentityRequestsDoNotGetSigned() { $client = StsClient::factory(); $mock = new MockPlugin(); $mock->addResponse(new Response(200)); $client->addSubscriber($mock); $command = $client->getCommand('AssumeRoleWithWebIdentity', array('RoleArn' => 'xxxxxxxxxxxxxxxxxxxxxx', 'RoleSessionName' => 'xx', 'WebIdentityToken' => 'xxxx')); $request = $command->prepare(); $command->execute(); $this->assertFalse($request->hasHeader('Authorization')); }
public function testFactoryInitializesClient() { $client = StsClient::factory(array('key' => 'foo', 'secret' => 'bar', 'region' => 'us-west-1')); $this->assertInstanceOf('Aws\\Common\\Credentials\\Credentials', $client->getCredentials()); $this->assertEquals('https://sts.amazonaws.com', $client->getBaseUrl()); $this->assertInstanceOf('Aws\\Common\\Signature\\SignatureV4', $this->readAttribute($client, 'signature')); $this->assertTrue($client->getDescription()->hasOperation('GetSessionToken')); }
public function testCanInstantiateRegionlessClientsWithoutParameters() { $config = array('key' => 'foo', 'secret' => 'bar'); try { // Instantiate all of the clients that do not require a region \Aws\S3\S3Client::factory($config); \Aws\CloudFront\CloudFrontClient::factory($config); \Aws\Route53\Route53Client::factory($config); \Aws\Sts\StsClient::factory($config); } catch (\InvalidArgumentException $e) { $this->fail('All of the above clients should have been instantiated without errors: ' . $e->getMessage()); } }
<?php session_start(); require 'vendor/autoload.php'; use Aws\Sts\StsClient; use Aws\S3\S3Client; use Aws\Common\Credentials; //directory name in the s3 bucket that can be unique for any customer $s3dir = $customer_id = "user_1"; //S3 & accesso S3: $Bucket = '<Bucket Name>'; $RoleArn = '<Role ARN>'; $auth = array('key' => '<AccessKey>', 'secret' => '<SecretKey>'); // Client STS is required to create temporary credentials for the user(customer) $sts = StsClient::factory($auth); //Let's define the personalized policy for the user(Customer that use the service): $Policy = '{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowAllS3ActionsInUserFolder", "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::' . $Bucket . '/' . $s3dir . '/*" ] } ] }';
/** * @expectedException \Aws\Common\Exception\InvalidArgumentException */ public function testRequiresLongTermCredentials() { StsClient::factory(array('key' => 'foo', 'secret' => 'bar', 'token' => 'foo', 'region' => 'us-west-1')); }
<?php require 'vendor/autoload.php'; define("AWS_ACCESS_KEY", "AKIAIQ5G3H2ETTRQSUUQ"); define("AWS_SECRET_KEY", "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"); define("S3_EUROPE_BUCKET", "adbestkdev-priv-ire"); use Aws\Sts\StsClient; use Aws\S3\S3Client; try { $config = array('key' => AWS_ACCESS_KEY, 'secret' => AWS_SECRET_KEY, 'region' => "eu-west-1"); $sts = StsClient::factory($config); /*$result = $sts->getFederationToken(array( 'Name' => 'User1', 'DurationSeconds' => 3600, 'Policy' => json_encode(array( 'Statement' => array( array( 'Sid' => 'randomstatementid' . time(), 'Action' => array('s3:ListBucket','s:ListBucket'), 'Effect' => 'Allow', 'Resource' => 'arn:aws:s3:::'.S3_EUROPE_BUCKET ) ) )) )); $credentials = $result->get('Credentials');*/ $credentials = $sts->getSessionToken()->get('Credentials'); echo $credentials['AccessKeyId'] . "<br>"; echo urlencode($credentials['SecretAccessKey']) . "<br><br>"; echo $credentials['SessionToken'] . "<br><br>";