Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions Package.swift
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@ let package = Package(
.product(name: "Metrics", package: "swift-metrics"),
.product(name: "NIOCore", package: "swift-nio"),
.product(name: "NIOHTTP1", package: "swift-nio"),
.product(name: "_NIOFileSystem", package: "swift-nio"),
.product(name: "NIOPosix", package: "swift-nio"),
.product(name: "NIOSSL", package: "swift-nio-ssl"),
.product(name: "NIOTransportServices", package: "swift-nio-transport-services"),
Expand Down
13 changes: 7 additions & 6 deletions Sources/SotoCore/Credential/ConfigFileLoader.swift
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ import INIParser
import Logging
import NIOCore
import NIOPosix
import _NIOFileSystem

/// Load settings from AWS credentials and profile configuration files
/// https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
Expand Down Expand Up @@ -91,13 +92,13 @@ enum ConfigFileLoader {
profile: String,
threadPool: NIOThreadPool = .singleton
) async throws -> SharedCredentials {
let fileIO = NonBlockingFileIO(threadPool: threadPool)
let fileSystem = FileSystem(threadPool: threadPool)
let credentialsByteBuffer: ByteBuffer
do {
// Load credentials file
credentialsByteBuffer = try await self.loadFile(
path: credentialsFilePath,
fileIO: fileIO
fileSystem: fileSystem
)
} catch {
// Throw `.noProvider` error if credential file cannot be loaded
Expand All @@ -108,7 +109,7 @@ enum ConfigFileLoader {
// Load profile config file
configByteBuffer = try await self.loadFile(
path: configFilePath,
fileIO: fileIO
fileSystem: fileSystem
)
} catch {
configByteBuffer = nil
Expand All @@ -122,10 +123,10 @@ enum ConfigFileLoader {
/// - eventLoop: event loop to run everything on
/// - fileIO: non-blocking file IO
/// - Returns: Event loop future with file contents in a byte-buffer
static func loadFile(path: String, fileIO: NonBlockingFileIO) async throws -> ByteBuffer {
static func loadFile(path: String, fileSystem: FileSystem) async throws -> ByteBuffer {
let path = self.expandTildeInFilePath(path)
return try await fileIO.withFileRegion(path: path) { fileRegion in
try await fileIO.read(fileHandle: fileRegion.fileHandle, byteCount: fileRegion.readableBytes, allocator: ByteBufferAllocator())
return try await fileSystem.withFileHandle(forReadingAt: .init(path)) { read in
try await read.readToEnd(maximumSizeAllowed: .megabytes(1))
}
}

Expand Down
12 changes: 4 additions & 8 deletions Sources/SotoCore/Credential/STSAssumeRole.swift
Original file line number Diff line number Diff line change
Expand Up @@ -14,14 +14,10 @@

import AsyncHTTPClient
import NIOPosix
import _NIOFileSystem

import struct Foundation.TimeInterval

#if compiler(<5.9) && os(Linux)
@preconcurrency import struct Foundation.Date
#else
import struct Foundation.Date
#endif
import struct Foundation.TimeInterval

struct STSAssumeRoleRequest: AWSEncodableShape {
/// The Amazon Resource Name (ARN) of the role to assume.
Expand Down Expand Up @@ -219,10 +215,10 @@ struct STSAssumeRoleCredentialProvider: CredentialProviderWithClient {
credentials = try await self.assumeRole(request, logger: logger).credentials
case .assumeRoleWithWebIdentity(let arn, let sessioName, let tokenFile, let threadPool):
// load token id file
let fileIO = NonBlockingFileIO(threadPool: threadPool)
let fileSystem = FileSystem(threadPool: threadPool)
let token: String
do {
let tokenBuffer = try await ConfigFileLoader.loadFile(path: tokenFile, fileIO: fileIO)
let tokenBuffer = try await ConfigFileLoader.loadFile(path: tokenFile, fileSystem: fileSystem)
token = String(buffer: tokenBuffer)
} catch {
throw CredentialProviderError.tokenIdFileFailedToLoad
Expand Down
9 changes: 5 additions & 4 deletions Tests/SotoCoreTests/Credential/STSAssumeRoleTests.swift
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ import NIOPosix
import SotoTestUtils
import SotoXML
import XCTest
import _NIOFileSystem

@testable import SotoCore

Expand Down Expand Up @@ -68,11 +69,11 @@ class STSAssumeRoleTests: XCTestCase {
Environment.unset(name: "AWS_ROLE_SESSION_NAME")
Environment.unset(name: "AWS_WEB_IDENTITY_TOKEN_FILE")
}
let fileIO = NonBlockingFileIO(threadPool: .singleton)
let fileSystem = FileSystem(threadPool: .singleton)
let webIdentityToken = "TestThis"
// Write token to file referenced by AWS_WEB_IDENTITY_TOKEN_FILE env variable
try await fileIO.withFileHandle(path: "temp_webidentity_token", mode: .write, flags: .allowFileCreation()) { fileHandle in
try await fileIO.write(fileHandle: fileHandle, buffer: ByteBuffer(string: webIdentityToken))
_ = try await fileSystem.withFileHandle(forWritingAt: .init("temp_webidentity_token"), options: .newFile(replaceExisting: true)) { write in
try await write.write(contentsOf: ByteBuffer(string: webIdentityToken), toAbsoluteOffset: 0)
}
try await withTeardown {
let testServer = AWSTestServer(serviceProtocol: .xml)
Expand Down Expand Up @@ -104,7 +105,7 @@ class STSAssumeRoleTests: XCTestCase {
let stsCredentials = try XCTUnwrap(credential as? STSCredentials)
XCTAssertEqual(stsCredentials.sessionToken, "WebIdentityToken=TestThis")
} teardown: {
try? await fileIO.remove(path: "temp_webidentity_token")
_ = try? await fileSystem.removeItem(at: .init("temp_webidentity_token"))
}
}

Expand Down