class AWS::Core::CredentialProviders::SessionProvider

# Session Credential Provider

The session provider consumes long term credentials (`:access_key_id` and `:secret_access_key`) and requests a session from STS. It then returns the short term credential set from STS.

Calling {#refresh} causes the session provider to request a new set of credentials.

This session provider is currently only used for DynamoDB which requires session credentials.

Public Class Methods

new(long_term_credentials) click to toggle source

@param [Hash] long_term_credentials A hash of credentials with

`:access_key_id` and `:secret_access_key` (but not
`:session_token`).
# File lib/aws/core/credential_providers.rb, line 481
def initialize long_term_credentials
  @static = StaticProvider.new(long_term_credentials)
  if @static.session_token
    raise ArgumentError, 'invalid option :session_token'
  end
  @session_mutex = Mutex.new
end

Public Instance Methods

for(long_term_credentials) click to toggle source

@param [Hash] long_term_credentials A hash of credentials with

`:access_key_id` and `:secret_access_key` (but not
`:session_token`).
# File lib/aws/core/credential_providers.rb, line 464
def for long_term_credentials
  @create_mutex.synchronize do
    @session_providers ||= {}
    @session_providers[long_term_credentials[:access_key_id]] =
      self.new(long_term_credentials)
  end
end
orig_refresh()

Aliasing the refresh method so we can call it from the refresh method defined in this class.

Alias for: refresh
refresh() click to toggle source

(see AWS::Core::CredentialProviders::Provider#refresh)

# File lib/aws/core/credential_providers.rb, line 495
def refresh
  refresh_session
  orig_refresh
end
Also aliased as: orig_refresh

Protected Instance Methods

cached_session() click to toggle source

@return [nil,STS::Session] Returns nil if a session has not

already been started.
# File lib/aws/core/credential_providers.rb, line 524
def cached_session
  local_session = nil
  @session_mutex.synchronize do
    local_session = @session
  end
  local_session
end
get_credentials() click to toggle source

(see AWS::Core::CredentialProviders::Provider#get_credentials)

# File lib/aws/core/credential_providers.rb, line 503
def get_credentials
  session = cached_session
  if session.nil?
    refresh_session
    session = cached_session
  end
  session.credentials
end
refresh_session() click to toggle source

Replaces the cached STS session with a new one. @return [nil]

# File lib/aws/core/credential_providers.rb, line 514
def refresh_session
  sts = AWS::STS.new(@static.credentials.merge(:use_ssl => true))
  @session_mutex.synchronize do
    @session = sts.new_session
  end
  nil
end