#pragma once

            
#include <chrono>
#include <cstdint>
#include <memory>
#include <string>

#include "envoy/extensions/common/aws/v3/credential_provider.pb.h"

#include "source/common/common/cancel_wrapper.h"
#include "source/extensions/common/aws/aws_cluster_manager.h"
#include "source/extensions/common/aws/metadata_credentials_provider_base.h"
#include "source/extensions/common/aws/metadata_fetcher.h"
#include "source/extensions/common/aws/signers/sigv4_signer_impl.h"

            
namespace Envoy {
namespace Extensions {
namespace Common {
namespace Aws {

            
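// Element names of the STS AssumeRole XML response; presumably used by the .cc
// to locate the credential document inside the response body. `inline` gives
// the program a single definition rather than one internal-linkage copy per
// translation unit that includes this header (see C++ header-constant idiom).
inline constexpr char ASSUMEROLE_RESPONSE_ELEMENT[] = "AssumeRoleResponse";
inline constexpr char ASSUMEROLE_RESULT_ELEMENT[] = "AssumeRoleResult";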

            
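// Credential provider that obtains temporary credentials by calling STS
// AssumeRole on `role_arn_`. The STS request itself is signed with
// `assume_role_signer_`, i.e. with whatever source credentials the caller wired
// into that signer, which makes this the second hop of a credential chain
// (source identity -> assumed role). Refresh scheduling is inherited from
// MetadataCredentialsProviderBase; the STS response is delivered through the
// MetadataFetcher::MetadataReceiver callbacks below and parsed in the .cc.
class AssumeRoleCredentialsProvider : public MetadataCredentialsProviderBase,
                                      public MetadataFetcher::MetadataReceiver {
public:
  // @param context server factory context, forwarded to the base class.
  // @param aws_cluster_manager cluster manager the STS cluster is registered with.
  // @param cluster_name cluster the AssumeRole request is sent through.
  // @param create_metadata_fetcher_cb factory for the fetcher performing the HTTP call.
  // @param region stored in `region_`; presumably selects the STS endpoint and the
  //        SigV4 credential scope - verify against the .cc.
  // @param refresh_state initial refresh state handed to the base class.
  // @param initialization_timer base-class timer bounding the initial fetch.
  // @param assume_role_signer signer applied to the outgoing STS request. Its
  //        credentials are the *source* identity; wiring this provider's own output
  //        back into it would be circular.
  // @param assume_role_config proto carrying role ARN, session name, external ID
  //        and session duration; presumably copied into the members below.
  AssumeRoleCredentialsProvider(
      Server::Configuration::ServerFactoryContext& context,
      AwsClusterManagerPtr aws_cluster_manager, absl::string_view cluster_name,
      CreateMetadataFetcherCb create_metadata_fetcher_cb, absl::string_view region,
      MetadataFetcher::MetadataReceiver::RefreshState refresh_state,
      std::chrono::seconds initialization_timer,
      std::unique_ptr<Extensions::Common::Aws::SigV4SignerImpl> assume_role_signer,
      envoy::extensions::common::aws::v3::AssumeRoleCredentialProvider assume_role_config);

  // Rule of five: the destructor is user-declared and the class owns a unique_ptr
  // plus a cancellation handle, so copying is already ill-formed - state it
  // explicitly rather than relying on the implicitly deleted members.
  AssumeRoleCredentialsProvider(const AssumeRoleCredentialsProvider&) = delete;
  AssumeRoleCredentialsProvider& operator=(const AssumeRoleCredentialsProvider&) = delete;

  // Cancel a still-pending refresh so it cannot run against a destroyed object.
  // `cancel_refresh_callback_` defaults to a no-op, so this is safe even when no
  // refresh was ever scheduled.
  ~AssumeRoleCredentialsProvider() override { cancel_refresh_callback_(); }

  // Stable name used to identify this provider (e.g. in logs/metrics).
  std::string providerName() override { return "AssumeRoleCredentialsProvider"; }

  // MetadataFetcher::MetadataReceiver interface.
  // `body` is the raw STS response as received over the network: untrusted
  // input that the .cc must parse and validate before any credential is accepted.
  void onMetadataSuccess(const std::string&& body) override;
  // Invoked when the STS request fails; `reason` classifies the failure.
  void onMetadataError(Failure reason) override;

private:
  // Entry point of a credential refresh cycle (override of the base-class hook).
  void refresh() override;
  // NOTE(review): the name appears to be inherited from the RolesAnywhere
  // provider although this class performs STS AssumeRole; renaming also requires
  // touching the definition in the .cc, so it is left unchanged here.
  void fetchCredentialFromRolesAnywhere(const std::string&& instance_role,
                                        const std::string&& token);
  // Turns the credential document (presumably the AssumeRoleResult element of the
  // STS response) into credentials; see the .cc for the exact fields read.
  void extractCredentials(const std::string&& credential_document_value);

  // Second stage of refresh(); split out so a pending step can be cancelled.
  void continueRefresh();

  // ARN of the role to assume.
  const std::string role_arn_;
  // RoleSessionName for the call - this is the value that appears in CloudTrail.
  const std::string role_session_name_;
  const std::string region_;
  // STS ExternalId, if configured: AWS's mitigation for the confused-deputy
  // problem when a role is assumed across accounts.
  const std::string external_id_;
  // DurationSeconds for the request when set; when unset the STS default
  // presumably applies (confirm in the .cc).
  absl::optional<uint16_t> session_duration_;
  // Signer for the STS request itself (source credentials, see constructor).
  std::unique_ptr<Extensions::Common::Aws::SigV4SignerImpl> assume_role_signer_;
  // Cancels the pending refresh; the no-op default keeps the destructor safe
  // before the first refresh has been scheduled.
  CancelWrapper::CancelFunction cancel_refresh_callback_ = []() {};
};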

            
// Shared handle to the provider; shared ownership is presumably needed because
// the credential chain and in-flight refresh callbacks may both hold it - confirm
// against the callers in the .cc.
using AssumeRoleCredentialsProviderPtr = std::shared_ptr<AssumeRoleCredentialsProvider>;

            
} // namespace Aws
} // namespace Common
} // namespace Extensions
} // namespace Envoy