1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
#ifndef AWS_AUTH_TOKEN_PROVIDERS_PRIVATE_H
#define AWS_AUTH_TOKEN_PROVIDERS_PRIVATE_H
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#include <aws/auth/auth.h>
#include <aws/auth/credentials.h>
/**
* Configuration options for a provider that sources sso token information from the aws profile (by default
* ~/.aws/config) and token from ~/.aws/sso/cache/<sha1 of start url>.json.
*/
struct aws_token_provider_sso_profile_options {
struct aws_credentials_provider_shutdown_options shutdown_options;
/*
* Override of what profile to use to source credentials from ('default' by default)
*/
struct aws_byte_cursor profile_name_override;
/*
* Override path to the profile config file (~/.aws/config by default)
*/
struct aws_byte_cursor config_file_name_override;
/**
* (Optional)
* Use a cached config profile collection. You can also pass a merged collection.
* config_file_name_override will be ignored if this option is provided.
*/
struct aws_profile_collection *config_file_cached;
/* For mocking, leave NULL otherwise */
aws_io_clock_fn *system_clock_fn;
};
/**
* Configuration options for a provider that sources sso token information from the aws profile (by default
* ~/.aws/config) and token from ~/.aws/sso/cache/<sha1 of session name>.json.
*/
struct aws_token_provider_sso_session_options {
struct aws_credentials_provider_shutdown_options shutdown_options;
/*
* Override of what profile to use to source credentials from ('default' by default)
*/
struct aws_byte_cursor profile_name_override;
/*
* Override path to the profile config file (~/.aws/config by default)
*/
struct aws_byte_cursor config_file_name_override;
/**
* (Optional)
* Use a cached config profile collection. You can also pass a merged collection.
* config_file_name_override will be ignored if this option is provided.
*/
struct aws_profile_collection *config_file_cached;
/*
* Connection bootstrap to use for any network connections made
*/
struct aws_client_bootstrap *bootstrap;
/*
* Client TLS context to use for any network connections made.
*/
struct aws_tls_ctx *tls_ctx;
/* For mocking, leave NULL otherwise */
aws_io_clock_fn *system_clock_fn;
};
AWS_EXTERN_C_BEGIN
/**
* Creates a provider that sources sso token based credentials from key-value profiles loaded from the aws
* config("~/.aws/config" by default) and ~/.aws/sso/cache/<sha1 of start url>.json
* This is the legacy way which doesn't support refreshing credentials.
*
* @param allocator memory allocator to use for all memory allocation
* @param options provider-specific configuration options
*
* @return the newly-constructed credentials provider, or NULL if an error occurred.
*/
AWS_AUTH_API
struct aws_credentials_provider *aws_token_provider_new_sso_profile(
struct aws_allocator *allocator,
const struct aws_token_provider_sso_profile_options *options);
/**
* Creates a provider that sources sso token based credentials from key-value profiles loaded from the aws
* config("~/.aws/config" by default) and ~/.aws/sso/cache/<sha1 of session name>.json
* Note: Token refresh is not currently supported
*
* @param allocator memory allocator to use for all memory allocation
* @param options provider-specific configuration options
*
* @return the newly-constructed credentials provider, or NULL if an error occurred.
*/
AWS_AUTH_API
struct aws_credentials_provider *aws_token_provider_new_sso_session(
struct aws_allocator *allocator,
const struct aws_token_provider_sso_session_options *options);
AWS_EXTERN_C_END
#endif /* AWS_AUTH_TOKEN_PROVIDERS_PRIVATE_H */
|
