honeymoose/OpenSearch
1
0
Fork 0
mirror of https://github.com/honeymoose/OpenSearch.git synced 2025-02-23 05:15:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

Test that buildCredentials returns correct clazz (#23334)

Browse Source 
This is fallout from #23297. That commit wrapped
`InstanceProfileCredentialsProvider` to ensure that the `getCredentials`
and `refresh` methods had privileged access. However, it looks like
there was a test ensuring that `buildCredentials` returned the correct
clazz type. This commit adjusts that test to check that the correct
wrapper is returned.
This commit is contained in:
Tim Brooks 2017-02-23 17:33:15 -06:00 committed by GitHub
parent eeac6d27f2
commit 0e802961f1
2 changed files with 20 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
plugins/repository-s3/src/main/java/org/elasticsearch/cloud/aws/InternalAwsS3Service.java
View File

@ -150,18 +150,7 @@ public class InternalAwsS3Service extends AbstractLifecycleComponent implements
if (key.length() == 0 && secret.length() == 0) { if (key.length() == 0 && secret.length() == 0) {
logger.debug("Using instance profile credentials"); logger.debug("Using instance profile credentials");
AWSCredentialsProvider credentials = new InstanceProfileCredentialsProvider(); return new PrivilegedInstanceProfileCredentialsProvider();
return new AWSCredentialsProvider() {
@Override
public AWSCredentials getCredentials() {
return SocketAccess.doPrivileged(credentials::getCredentials);
}
@Override
public void refresh() {
SocketAccess.doPrivilegedVoid(credentials::refresh);
}
};
} else { } else {
logger.debug("Using basic key/secret credentials"); logger.debug("Using basic key/secret credentials");
return new StaticCredentialsProvider(new BasicAWSCredentials(key.toString(), secret.toString())); return new StaticCredentialsProvider(new BasicAWSCredentials(key.toString(), secret.toString()));
@ -221,4 +210,22 @@ public class InternalAwsS3Service extends AbstractLifecycleComponent implements
// Ensure that IdleConnectionReaper is shutdown // Ensure that IdleConnectionReaper is shutdown
IdleConnectionReaper.shutdown(); IdleConnectionReaper.shutdown();
} }
static class PrivilegedInstanceProfileCredentialsProvider implements AWSCredentialsProvider {
private final InstanceProfileCredentialsProvider credentials;
private PrivilegedInstanceProfileCredentialsProvider() {
this.credentials = new InstanceProfileCredentialsProvider();
}
@Override
public AWSCredentials getCredentials() {
return SocketAccess.doPrivileged(credentials::getCredentials);
}
@Override
public void refresh() {
SocketAccess.doPrivilegedVoid(credentials::refresh);
}
}
} }

2
plugins/repository-s3/src/test/java/org/elasticsearch/cloud/aws/AwsS3ServiceImplTests.java
View File

@ -37,7 +37,7 @@ public class AwsS3ServiceImplTests extends ESTestCase {
public void testAWSCredentialsWithSystemProviders() { public void testAWSCredentialsWithSystemProviders() {
AWSCredentialsProvider credentialsProvider = AWSCredentialsProvider credentialsProvider =
InternalAwsS3Service.buildCredentials(logger, deprecationLogger, Settings.EMPTY, Settings.EMPTY, "default"); InternalAwsS3Service.buildCredentials(logger, deprecationLogger, Settings.EMPTY, Settings.EMPTY, "default");
assertThat(credentialsProvider, instanceOf(AWSCredentialsProvider.class)); assertThat(credentialsProvider, instanceOf(InternalAwsS3Service.PrivilegedInstanceProfileCredentialsProvider.class));
} }
public void testAwsCredsDefaultSettings() { public void testAwsCredsDefaultSettings() {