diff --git a/.phpunit.result.cache b/.phpunit.result.cache new file mode 100644 index 00000000..9d178bea --- /dev/null +++ b/.phpunit.result.cache @@ -0,0 +1 @@ +{"version":1,"defects":{"AlibabaCloud\\Client\\Tests\\Unit\\Credentials\\Providers\\RamRoleArnProviderTest::testAccessKeyIdEmpty":3,"AlibabaCloud\\Client\\Tests\\Unit\\Credentials\\RamRoleArnCredentialTest::testClient":3},"times":{"AlibabaCloud\\Client\\Tests\\Unit\\Credentials\\Providers\\RamRoleArnProviderTest::testAccessKeyIdEmpty":0.009,"AlibabaCloud\\Client\\Tests\\Unit\\Credentials\\Providers\\RamRoleArnProviderTest::testAccessKeyIdFormat":0,"AlibabaCloud\\Client\\Tests\\Unit\\Credentials\\Providers\\RamRoleArnProviderTest::testAccessKeySecretEmpty":0,"AlibabaCloud\\Client\\Tests\\Unit\\Credentials\\Providers\\RamRoleArnProviderTest::testAccessKeySecretFormat":0,"AlibabaCloud\\Client\\Tests\\Unit\\Credentials\\Providers\\RamRoleArnProviderTest::testGet":0.077,"AlibabaCloud\\Client\\Tests\\Unit\\Credentials\\Providers\\RamRoleArnProviderTest::testGetInCache":0.001,"AlibabaCloud\\Client\\Tests\\Unit\\Credentials\\Providers\\RamRoleArnProviderTest::testNoCredentials":0.002,"AlibabaCloud\\Client\\Tests\\Unit\\Credentials\\Providers\\RamRoleArnProviderTest::testOk":0,"AlibabaCloud\\Client\\Tests\\Unit\\Credentials\\RamRoleArnCredentialTest::testConstruct":0.004,"AlibabaCloud\\Client\\Tests\\Unit\\Credentials\\RamRoleArnCredentialTest::testClient":0.005}} \ No newline at end of file diff --git a/src/Clients/Client.php b/src/Clients/Client.php index c8d22803..a51fa89e 100644 --- a/src/Clients/Client.php +++ b/src/Clients/Client.php @@ -32,7 +32,7 @@ class Client /** * @var CredentialsInterface|AccessKeyCredential|BearerTokenCredential|StsCredential|EcsRamRoleCredential|RamRoleArnCredential|RsaKeyPairCredential */ - private $credential; + protected $credential; /** * @var SignatureInterface diff --git a/src/Clients/RamRoleArnClient.php b/src/Clients/RamRoleArnClient.php index b7d3087d..92210afe 100644 --- a/src/Clients/RamRoleArnClient.php +++ b/src/Clients/RamRoleArnClient.php @@ -30,4 +30,17 @@ public function __construct($accessKeyId, $accessKeySecret, $roleArn, $roleSessi new ShaHmac1Signature() ); } + + /** + * @param string $clientName + * + * @return $this + * @throws ClientException + */ + public function withCredentialClient($clientName) + { + $this->credential = $this->credential->withClient($clientName); + + return $this; + } } diff --git a/src/Credentials/Providers/RamRoleArnProvider.php b/src/Credentials/Providers/RamRoleArnProvider.php index ce4de41c..13ffa71a 100644 --- a/src/Credentials/Providers/RamRoleArnProvider.php +++ b/src/Credentials/Providers/RamRoleArnProvider.php @@ -10,6 +10,7 @@ use AlibabaCloud\Client\Exception\ClientException; use AlibabaCloud\Client\Exception\ServerException; use AlibabaCloud\Client\Credentials\Requests\AssumeRole; +use AlibabaCloud\Client\Filter\CredentialFilter; /** * Class RamRoleArnProvider @@ -68,11 +69,15 @@ private function request($timeout, $connectTimeout) { $clientName = __CLASS__ . \uniqid('ak', true); $credential = $this->client->getCredential(); - - AlibabaCloud::accessKeyClient( - $credential->getAccessKeyId(), - $credential->getAccessKeySecret() - )->name($clientName); + if (!is_null($credential->getClient())) { + $clientName = $credential->getClient(); + } else { + CredentialFilter::AccessKey($credential->getAccessKeyId(), $credential->getAccessKeySecret()); + AlibabaCloud::accessKeyClient( + $credential->getAccessKeyId(), + $credential->getAccessKeySecret() + )->name($clientName); + } return (new AssumeRole($credential)) ->client($clientName) diff --git a/src/Credentials/RamRoleArnCredential.php b/src/Credentials/RamRoleArnCredential.php index 6bdf5be9..ffe12a59 100644 --- a/src/Credentials/RamRoleArnCredential.php +++ b/src/Credentials/RamRoleArnCredential.php @@ -2,7 +2,7 @@ namespace AlibabaCloud\Client\Credentials; -use AlibabaCloud\Client\Filter\CredentialFilter; +use AlibabaCloud\Client\AlibabaCloud; use AlibabaCloud\Client\Exception\ClientException; /** @@ -13,6 +13,11 @@ class RamRoleArnCredential implements CredentialsInterface { + /** + * @var string + */ + private $client; + /** * @var string */ @@ -51,8 +56,6 @@ class RamRoleArnCredential implements CredentialsInterface */ public function __construct($accessKeyId, $accessKeySecret, $roleArn, $roleSessionName, $policy = '') { - CredentialFilter::AccessKey($accessKeyId, $accessKeySecret); - $this->accessKeyId = $accessKeyId; $this->accessKeySecret = $accessKeySecret; $this->roleArn = $roleArn; @@ -60,6 +63,19 @@ public function __construct($accessKeyId, $accessKeySecret, $roleArn, $roleSessi $this->policy = $policy; } + /** + * @param string $clientName + * + * @return $this + * @throws ClientException + */ + public function withClient($clientName) + { + $this->client = $clientName; + + return $this; + } + /** * @return string */ @@ -76,6 +92,14 @@ public function getAccessKeySecret() return $this->accessKeySecret; } + /** + * @return string + */ + public function getClient() + { + return $this->client; + } + /** * @return string */ @@ -105,6 +129,12 @@ public function getPolicy() */ public function __toString() { - return "$this->accessKeyId#$this->accessKeySecret#$this->roleArn#$this->roleSessionName"; + $accessKeyId = $this->accessKeyId; + $accessKeySecret = $this->accessKeySecret; + if (!is_null($this->client)) { + $accessKeyId = AlibabaCloud::get($this->client)->getCredential()->getAccessKeyId(); + $accessKeySecret = AlibabaCloud::get($this->client)->getCredential()->getAccessKeySecret(); + } + return "$accessKeyId#$accessKeySecret#$this->client#$this->roleArn#$this->roleSessionName"; } } diff --git a/tests/Unit/Credentials/Providers/ProviderTest.php b/tests/Unit/Credentials/Providers/ProviderTest.php index 4ef3529b..46605e8d 100644 --- a/tests/Unit/Credentials/Providers/ProviderTest.php +++ b/tests/Unit/Credentials/Providers/ProviderTest.php @@ -78,7 +78,7 @@ public function key() ], [ new RamRoleArnClient('foo', 'bar', 'arn', 'name'), - 'foo#bar#arn#name', + 'foo#bar##arn#name', ], [ new RsaKeyPairClient('foo', VirtualRsaKeyPairCredential::ok()), diff --git a/tests/Unit/Credentials/Providers/RamRoleArnProviderTest.php b/tests/Unit/Credentials/Providers/RamRoleArnProviderTest.php index 885af93d..18c40fcd 100644 --- a/tests/Unit/Credentials/Providers/RamRoleArnProviderTest.php +++ b/tests/Unit/Credentials/Providers/RamRoleArnProviderTest.php @@ -31,6 +31,78 @@ protected function finalize() AlibabaCloud::cancelMock(); } + /** + * @throws ClientException + */ + public function testAccessKeyIdEmpty() + { + $this->expectException(ClientException::class); + $this->expectExceptionMessage('AccessKey ID cannot be empty'); + // Setup + $client = new RamRoleArnClient( + '', + 'access_key_secret', + 'role_arn', + 'role_session_name' + ); + $provider = new RamRoleArnProvider($client); + $provider->get(); + } + + /** + * @throws ClientException + */ + public function testAccessKeyIdFormat() + { + $this->expectException(ClientException::class); + $this->expectExceptionMessage('AccessKey ID must be a string'); + // Setup + $client = new RamRoleArnClient( + null, + 'access_key_secret', + 'role_arn', + 'role_session_name' + ); + $provider = new RamRoleArnProvider($client); + $provider->get(); + } + + /** + * @throws ClientException + */ + public function testAccessKeySecretEmpty() + { + $this->expectException(ClientException::class); + $this->expectExceptionMessage('AccessKey Secret cannot be empty'); + // Setup + $client = new RamRoleArnClient( + 'access_key_id', + '', + 'role_arn', + 'role_session_name' + ); + $provider = new RamRoleArnProvider($client); + $provider->get(); + } + + /** + * @throws ClientException + */ + public function testAccessKeySecretFormat() + { + $this->expectException(ClientException::class); + $this->expectExceptionMessage('AccessKey Secret must be a string'); + // Setup + $client = new RamRoleArnClient( + 'access_key_id', + null, + 'role_arn', + 'role_session_name' + ); + $provider = new RamRoleArnProvider($client); + $provider->get(); + } + /** * @throws ClientException */ @@ -54,7 +126,6 @@ public function testGet() } catch (ServerException $e) { self::assertEquals('InvalidAccessKeyId.NotFound', $e->getErrorCode()); } - } /** @@ -91,7 +162,6 @@ public function testGetInCache() // Assert self::assertInstanceOf(StsCredential::class, $actual); - } /** @@ -108,7 +178,6 @@ public function testNoCredentials() $provider = new RamRoleArnProvider($client); $provider->get(); - } /** @@ -140,7 +209,5 @@ public function testOk() $provider = new RamRoleArnProvider($client); $credential = $provider->get(); self::assertInstanceOf(StsCredential::class, $credential); - } - } diff --git a/tests/Unit/Credentials/RamRoleArnCredentialTest.php b/tests/Unit/Credentials/RamRoleArnCredentialTest.php index bbbabb5a..f57b86df 100644 --- a/tests/Unit/Credentials/RamRoleArnCredentialTest.php +++ b/tests/Unit/Credentials/RamRoleArnCredentialTest.php @@ -3,6 +3,7 @@ namespace AlibabaCloud\Client\Tests\Unit\Credentials; use PHPUnit\Framework\TestCase; +use AlibabaCloud\Client\AlibabaCloud; use AlibabaCloud\Client\Exception\ClientException; use AlibabaCloud\Client\Credentials\RamRoleArnCredential; @@ -38,7 +39,7 @@ public function testConstruct() $this->assertEquals($sessionName, $credential->getRoleSessionName()); $this->assertEquals($policy, $credential->getPolicy()); $this->assertEquals( - "$accessKeyId#$accessKeySecret#$arn#$sessionName", + "$accessKeyId#$accessKeySecret##$arn#$sessionName", (string)$credential ); } @@ -46,68 +47,33 @@ public function testConstruct() /** * @throws ClientException */ - public function testAccessKeyIdEmpty() + public function testClient() { - $this->expectException(ClientException::class); - $this->expectExceptionMessage('AccessKey ID cannot be empty'); // Setup - $accessKeyId = ''; + $accessKeyId = 'access_key_id'; $accessKeySecret = 'access_key_secret'; $arn = 'role_arn'; $sessionName = 'role_session_name'; + $policy = ''; - // Test - new RamRoleArnCredential($accessKeyId, $accessKeySecret, $arn, $sessionName); - } - - /** - * @throws ClientException - */ - public function testAccessKeyIdFormat() - { - $this->expectException(ClientException::class); - $this->expectExceptionMessage('AccessKey ID must be a string'); - // Setup - $accessKeyId = null; - $accessKeySecret = 'access_key_secret'; - $arn = 'role_arn'; - $sessionName = 'role_session_name'; + AlibabaCloud::accessKeyClient( + $accessKeyId, + $accessKeySecret + )->name('clientName'); // Test - new RamRoleArnCredential($accessKeyId, $accessKeySecret, $arn, $sessionName); - } - - /** - * @throws ClientException - */ - public function testAccessKeySecretEmpty() - { - $this->expectException(ClientException::class); - $this->expectExceptionMessage('AccessKey Secret cannot be empty'); - // Setup - $accessKeyId = 'access_key_id'; - $accessKeySecret = ''; - $arn = 'role_arn'; - $sessionName = 'role_session_name'; + $credential = (new RamRoleArnCredential(null, null, $arn, $sessionName))->withClient('clientName'); - // Test - new RamRoleArnCredential($accessKeyId, $accessKeySecret, $arn, $sessionName); + // Assert + $this->assertNull($credential->getAccessKeyId()); + $this->assertNull($credential->getAccessKeySecret()); + $this->assertEquals($arn, $credential->getRoleArn()); + $this->assertEquals($sessionName, $credential->getRoleSessionName()); + $this->assertEquals($policy, $credential->getPolicy()); + $this->assertEquals( + "$accessKeyId#$accessKeySecret#clientName#$arn#$sessionName", + (string)$credential + ); } - /** - * @throws ClientException - */ - public function testAccessKeySecretFormat() - { - $this->expectException(ClientException::class); - $this->expectExceptionMessage('AccessKey Secret must be a string'); - // Setup - $accessKeyId = 'access_key_id'; - $accessKeySecret = null; - $arn = 'role_arn'; - $sessionName = 'role_session_name'; - - // Test - new RamRoleArnCredential($accessKeyId, $accessKeySecret, $arn, $sessionName); - } }