diff --git a/config/configure.go b/config/configure.go index 24e679994..772d4dd53 100644 --- a/config/configure.go +++ b/config/configure.go @@ -202,6 +202,8 @@ func configureRamRoleArn(w io.Writer, cp *Profile) error { if cp.ExpiredSeconds == 0 { cp.ExpiredSeconds = 900 } + cli.Printf(w, "External ID [%s]: ", cp.ExternalId) + cp.ExternalId = ReadInput(cp.ExternalId) cli.Printf(w, "Expired Seconds [%v]: ", cp.ExpiredSeconds) cp.ExpiredSeconds, _ = strconv.Atoi(ReadInput(strconv.Itoa(cp.ExpiredSeconds))) return nil @@ -242,6 +244,8 @@ func configureChainableRamRoleArn(w io.Writer, cp *Profile) error { if cp.ExpiredSeconds == 0 { cp.ExpiredSeconds = 900 } + cli.Printf(w, "External ID [%s]: ", cp.ExternalId) + cp.ExternalId = ReadInput(cp.ExternalId) cli.Printf(w, "Expired Seconds [%v]: ", cp.ExpiredSeconds) cp.ExpiredSeconds, _ = strconv.Atoi(ReadInput(strconv.Itoa(cp.ExpiredSeconds))) return nil diff --git a/config/configure_get.go b/config/configure_get.go index 3d8d5ba2e..24ba48b9c 100644 --- a/config/configure_get.go +++ b/config/configure_get.go @@ -84,6 +84,8 @@ func doConfigureGet(c *cli.Context, args []string) { cli.Printf(c.Stdout(), "ram-role-name=%s\n", profile.RamRoleName) case RamRoleArnFlagName: cli.Printf(c.Stdout(), "ram-role-arn=%s\n", profile.RamRoleArn) + case ExternalIdFlagName: + cli.Printf(c.Stdout(), "external-id=%s\n", profile.ExternalId) case RoleSessionNameFlagName: cli.Printf(c.Stdout(), "role-session-name=%s\n", profile.RoleSessionName) case KeyPairNameFlagName: diff --git a/config/configure_get_test.go b/config/configure_get_test.go index 6152a1a52..b3782497f 100644 --- a/config/configure_get_test.go +++ b/config/configure_get_test.go @@ -72,8 +72,8 @@ func TestDoConfigureGet(t *testing.T) { w.Reset() stderr.Reset() ctx.Flags().Flags()[1].SetAssigned(false) - doConfigureGet(ctx, []string{"profile", "mode", "access-key-id", "access-key-secret", "sts-token", "ram-role-name", "ram-role-arn", "role-session-name", "private-key", "key-pair-name", "region", "language"}) - assert.Equal(t, "profile=default\nmode=AK\naccess-key-id=*************************_id\naccess-key-secret=*****************************ret\nsts-token=\nram-role-name=\nram-role-arn=\nrole-session-name=\nprivate-key=\nkey-pair-name=\nlanguage=\n\n", w.String()) + doConfigureGet(ctx, []string{"profile", "mode", "access-key-id", "access-key-secret", "sts-token", "ram-role-name", "ram-role-arn", "role-session-name", "external-id", "private-key", "key-pair-name", "region", "language"}) + assert.Equal(t, "profile=default\nmode=AK\naccess-key-id=*************************_id\naccess-key-secret=*****************************ret\nsts-token=\nram-role-name=\nram-role-arn=\nrole-session-name=\nexternal-id=\nprivate-key=\nkey-pair-name=\nlanguage=\n\n", w.String()) //TESTCASE 4 hookLoadConfiguration = func(fn func(path string) (*Configuration, error)) func(path string) (*Configuration, error) { diff --git a/config/configure_list.go b/config/configure_list.go index 186165863..09535da7b 100644 --- a/config/configure_list.go +++ b/config/configure_list.go @@ -61,12 +61,18 @@ func doConfigureList(w io.Writer) { cred = "StsToken:" + "***" + GetLastChars(pf.AccessKeyId, 3) case RamRoleArn: cred = "RamRoleArn:" + "***" + GetLastChars(pf.AccessKeyId, 3) + if pf.ExternalId != "" { + cred = cred + ":" + GetLastChars(pf.ExternalId, 3) + } case EcsRamRole: cred = "EcsRamRole:" + pf.RamRoleName case RamRoleArnWithEcs: cred = "arn:" + "***" + GetLastChars(pf.AccessKeyId, 3) case ChainableRamRoleArn: cred = "ChainableRamRoleArn:" + pf.SourceProfile + ":" + pf.RamRoleArn + if pf.ExternalId != "" { + cred = cred + ":" + GetLastChars(pf.ExternalId, 3) + } case RsaKeyPair: cred = "RsaKeyPair:" + pf.KeyPairName case External: diff --git a/config/configure_list_test.go b/config/configure_list_test.go index ffb50d4a4..bc09b8230 100644 --- a/config/configure_list_test.go +++ b/config/configure_list_test.go @@ -4,7 +4,7 @@ // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // -// http://www.apache.org/licenses/LICENSE-2.0 +// http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, @@ -58,6 +58,16 @@ func TestDoConfigureList(t *testing.T) { RamRoleArn: "RamRoleArn", RoleSessionName: "RoleSessionName", }, + { + Name: "bbbe", + Mode: RamRoleArn, + AccessKeyId: "sdf", + AccessKeySecret: "ddf", + OutputFormat: "json", + RamRoleArn: "RamRoleArn", + RoleSessionName: "RoleSessionName", + ExternalId: "ExternalId", + }, { Name: "ccc", Mode: EcsRamRole, @@ -84,6 +94,7 @@ func TestDoConfigureList(t *testing.T) { "default * | AK:***_id | Invalid | | \n"+ "aaa | StsToken:****** | Invalid | | \n"+ "bbb | RamRoleArn:****** | Invalid | | \n"+ + "bbbe | RamRoleArn:******:lId | Invalid | | \n"+ "ccc | EcsRamRole:RamRoleName | Invalid | | \n"+ "ddd | RsaKeyPair:KeyPairName | Invalid | | \n", w.String()) diff --git a/config/configure_set.go b/config/configure_set.go index 7b7e64eef..2a7694c2c 100644 --- a/config/configure_set.go +++ b/config/configure_set.go @@ -86,6 +86,7 @@ func doConfigureSet(w io.Writer, flags *cli.FlagSet) { profile.AccessKeySecret = AccessKeySecretFlag(flags).GetStringOrDefault(profile.AccessKeySecret) profile.RamRoleArn = RamRoleArnFlag(flags).GetStringOrDefault(profile.RamRoleArn) profile.RoleSessionName = RoleSessionNameFlag(flags).GetStringOrDefault(profile.RoleSessionName) + profile.ExternalId = ExternalIdFlag(flags).GetStringOrDefault(profile.ExternalId) profile.ExpiredSeconds = ExpiredSecondsFlag(flags).GetIntegerOrDefault(profile.ExpiredSeconds) case EcsRamRole: profile.RamRoleName = RamRoleNameFlag(flags).GetStringOrDefault(profile.RamRoleName) @@ -98,6 +99,7 @@ func doConfigureSet(w io.Writer, flags *cli.FlagSet) { profile.SourceProfile = SourceProfileFlag(flags).GetStringOrDefault(profile.SourceProfile) profile.RamRoleArn = RamRoleArnFlag(flags).GetStringOrDefault(profile.RamRoleArn) profile.RoleSessionName = RoleSessionNameFlag(flags).GetStringOrDefault(profile.RoleSessionName) + profile.ExternalId = ExternalIdFlag(flags).GetStringOrDefault(profile.ExternalId) profile.ExpiredSeconds = ExpiredSecondsFlag(flags).GetIntegerOrDefault(profile.ExpiredSeconds) case RsaKeyPair: profile.PrivateKey = PrivateKeyFlag(flags).GetStringOrDefault(profile.PrivateKey) diff --git a/config/configure_set_test.go b/config/configure_set_test.go index d434487e1..015f57301 100644 --- a/config/configure_set_test.go +++ b/config/configure_set_test.go @@ -4,7 +4,7 @@ // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // -// http://www.apache.org/licenses/LICENSE-2.0 +// http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, @@ -97,7 +97,7 @@ func TestDoConfigureSet(t *testing.T) { return &Configuration{ CurrentProfile: "default", Profiles: []Profile{ - {Name: "default", Mode: RamRoleArn, RoleSessionName: "RoleSessionName", RamRoleArn: "RamRoleArn", AccessKeyId: "default_aliyun_access_key_id", AccessKeySecret: "default_aliyun_access_key_secret", OutputFormat: "json", RegionId: "cn-hangzhou"}, + {Name: "default", Mode: RamRoleArn, RoleSessionName: "RoleSessionName", RamRoleArn: "RamRoleArn", ExternalId: "ExternalId", AccessKeyId: "default_aliyun_access_key_id", AccessKeySecret: "default_aliyun_access_key_secret", OutputFormat: "json", RegionId: "cn-hangzhou"}, {Name: "aaa", Mode: AK, AccessKeyId: "sdf", AccessKeySecret: "ddf", OutputFormat: "json"}}}, nil } } diff --git a/config/configure_test.go b/config/configure_test.go index 3539a19a8..a7c835397 100644 --- a/config/configure_test.go +++ b/config/configure_test.go @@ -189,8 +189,8 @@ func TestConfigureStsToken(t *testing.T) { func TestConfigureRamRoleArn(t *testing.T) { w := new(bytes.Buffer) - err := configureRamRoleArn(w, &Profile{Name: "default", Mode: AK, AccessKeyId: "access_key_id", AccessKeySecret: "access_key_secret", RamRoleArn: "RamRoleArn", RoleSessionName: "RoleSessionName", RegionId: "cn-hangzhou", OutputFormat: "json"}) - assert.Equal(t, "Access Key Id [**********_id]: Access Key Secret [**************ret]: Sts Region []: Ram Role Arn [RamRoleArn]: Role Session Name [RoleSessionName]: Expired Seconds [900]: ", w.String()) + err := configureRamRoleArn(w, &Profile{Name: "default", Mode: AK, AccessKeyId: "access_key_id", AccessKeySecret: "access_key_secret", RamRoleArn: "RamRoleArn", RoleSessionName: "RoleSessionName", ExternalId: "ExternalId", RegionId: "cn-hangzhou", OutputFormat: "json"}) + assert.Equal(t, "Access Key Id [**********_id]: Access Key Secret [**************ret]: Sts Region []: Ram Role Arn [RamRoleArn]: Role Session Name [RoleSessionName]: External ID [ExternalId]: Expired Seconds [900]: ", w.String()) assert.Nil(t, err) } @@ -243,11 +243,12 @@ func TestConfigureChainableRamRoleArn(t *testing.T) { RamRoleArn: "rra", StsRegion: "cn-hangzhou", RoleSessionName: "rsn", + ExternalId: "eid", RegionId: "cn-hangzhou", ExpiredSeconds: 3600, OutputFormat: "json", }) - assert.Equal(t, "Source Profile [source]: Sts Region [cn-hangzhou]: Ram Role Arn [rra]: Role Session Name [rsn]: Expired Seconds [3600]: ", w.String()) + assert.Equal(t, "Source Profile [source]: Sts Region [cn-hangzhou]: Ram Role Arn [rra]: Role Session Name [rsn]: External ID [eid]: Expired Seconds [3600]: ", w.String()) assert.Nil(t, err) } diff --git a/config/flags.go b/config/flags.go index 502210d27..2f209c460 100644 --- a/config/flags.go +++ b/config/flags.go @@ -28,6 +28,7 @@ const ( RamRoleNameFlagName = "ram-role-name" RamRoleArnFlagName = "ram-role-arn" RoleSessionNameFlagName = "role-session-name" + ExternalIdFlagName = "external-id" SourceProfileFlagName = "source-profile" PrivateKeyFlagName = "private-key" KeyPairNameFlagName = "key-pair-name" @@ -59,6 +60,7 @@ func AddFlags(fs *cli.FlagSet) { fs.Add(NewRamRoleNameFlag()) fs.Add(NewRamRoleArnFlag()) fs.Add(NewRoleSessionNameFlag()) + fs.Add(NewExternalIdFlag()) fs.Add(NewPrivateKeyFlag()) fs.Add(NewKeyPairNameFlag()) fs.Add(NewReadTimeoutFlag()) @@ -115,6 +117,10 @@ func RoleSessionNameFlag(fs *cli.FlagSet) *cli.Flag { return fs.Get(RoleSessionNameFlagName) } +func ExternalIdFlag(fs *cli.FlagSet) *cli.Flag { + return fs.Get(ExternalIdFlagName) +} + func PrivateKeyFlag(fs *cli.FlagSet) *cli.Flag { return fs.Get(PrivateKeyFlagName) } @@ -270,6 +276,17 @@ func NewRoleSessionNameFlag() *cli.Flag { } } +func NewExternalIdFlag() *cli.Flag { + return &cli.Flag{ + Category: "config", + Name: ExternalIdFlagName, + AssignedMode: cli.AssignedOnce, + Short: i18n.T( + "use `--external-id ` to assign ExternalId", + "使用 `--external-id ` 指定ExternalId"), + } +} + func NewExpiredSecondsFlag() *cli.Flag { return &cli.Flag{ Category: "config", diff --git a/config/flags_test.go b/config/flags_test.go index 861c0cde7..73f1322f4 100644 --- a/config/flags_test.go +++ b/config/flags_test.go @@ -4,7 +4,7 @@ // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // -// http://www.apache.org/licenses/LICENSE-2.0 +// http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, @@ -168,6 +168,24 @@ func TestAddFlag(t *testing.T) { DefaultValue: "", Persistent: false, } + newExternalIdFlag = &cli.Flag{ + Category: "config", + Name: ExternalIdFlagName, + AssignedMode: cli.AssignedOnce, + Short: i18n.T( + "use `--external-id ` to assign ExternalId", + "使用 `--external-id ` 指定ExternalId"), + Long: nil, + Required: false, + Aliases: nil, + Hidden: false, + Validate: nil, + Fields: nil, + ExcludeWith: nil, + Shorthand: 0, + DefaultValue: "", + Persistent: false, + } newPrivateKeyFlag = &cli.Flag{ Category: "config", Name: PrivateKeyFlagName, @@ -378,6 +396,9 @@ func TestAddFlag(t *testing.T) { f = NewRoleSessionNameFlag() assert.Equal(t, newRoleSessionNameFlag, f) + f = NewExternalIdFlag() + assert.Equal(t, newExternalIdFlag, f) + f = NewPrivateKeyFlag() assert.Equal(t, newPrivateKeyFlag, f) diff --git a/config/profile.go b/config/profile.go index 20525aad8..f3e63fdfe 100644 --- a/config/profile.go +++ b/config/profile.go @@ -57,6 +57,7 @@ type Profile struct { RamRoleName string `json:"ram_role_name,omitempty"` RamRoleArn string `json:"ram_role_arn,omitempty"` RoleSessionName string `json:"ram_session_name,omitempty"` + ExternalId string `json:"external_id,omitempty"` SourceProfile string `json:"source_profile,omitempty"` PrivateKey string `json:"private_key,omitempty"` KeyPairName string `json:"key_pair_name,omitempty"` @@ -296,6 +297,7 @@ func (cp *Profile) GetCredential(ctx *cli.Context, proxyHost *string) (cred cred SetRoleArn(cp.RamRoleArn). SetRoleSessionName(cp.RoleSessionName). SetRoleSessionExpiration(cp.ExpiredSeconds). + SetExternalId(cp.ExternalId). SetSTSEndpoint(getSTSEndpoint(cp.StsRegion)) if cp.StsToken != "" { @@ -367,6 +369,7 @@ func (cp *Profile) GetCredential(ctx *cli.Context, proxyHost *string) (cred cred SetRoleArn(cp.RamRoleArn). SetRoleSessionName(cp.RoleSessionName). SetRoleSessionExpiration(cp.ExpiredSeconds). + SetExternalId(cp.ExternalId). SetSTSEndpoint(getSTSEndpoint(cp.StsRegion)) if model.SecurityToken != nil { diff --git a/oss/lib/allpart_size.go b/oss/lib/allpart_size.go index b95773c87..d7a9e8dc4 100644 --- a/oss/lib/allpart_size.go +++ b/oss/lib/allpart_size.go @@ -100,6 +100,7 @@ var allPartSizeCommand = AllPartSizeCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/append_file.go b/oss/lib/append_file.go index a26bfaf5b..6b109a8df 100644 --- a/oss/lib/append_file.go +++ b/oss/lib/append_file.go @@ -155,6 +155,7 @@ var appendFileCommand = AppendFileCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_access_monitor.go b/oss/lib/bucket_access_monitor.go index 711bfab33..2e7192e85 100644 --- a/oss/lib/bucket_access_monitor.go +++ b/oss/lib/bucket_access_monitor.go @@ -126,6 +126,7 @@ var bucketAccessMonitorCommand = BucketAccessMonitorCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_cname.go b/oss/lib/bucket_cname.go index 1d38a0049..b9b9e4ca7 100644 --- a/oss/lib/bucket_cname.go +++ b/oss/lib/bucket_cname.go @@ -245,6 +245,7 @@ var bucketCnameCommand = BucketCnameCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_cors.go b/oss/lib/bucket_cors.go index db9ff9a0a..227f32a24 100644 --- a/oss/lib/bucket_cors.go +++ b/oss/lib/bucket_cors.go @@ -151,6 +151,7 @@ var corsCommand = CorsCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_encryption.go b/oss/lib/bucket_encryption.go index 0e962901e..478e5eee3 100644 --- a/oss/lib/bucket_encryption.go +++ b/oss/lib/bucket_encryption.go @@ -140,6 +140,7 @@ var bucketEncryptionCommand = BucketEncryptionCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_inventory.go b/oss/lib/bucket_inventory.go index b59a06b93..297ae2441 100644 --- a/oss/lib/bucket_inventory.go +++ b/oss/lib/bucket_inventory.go @@ -213,6 +213,7 @@ var bucketInventoryCommand = BucketInventoryCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_lifecycle.go b/oss/lib/bucket_lifecycle.go index 8c3ccb338..e417c938d 100644 --- a/oss/lib/bucket_lifecycle.go +++ b/oss/lib/bucket_lifecycle.go @@ -169,6 +169,7 @@ var bucketLifeCycleCommand = BucketLifeCycleCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_logging.go b/oss/lib/bucket_logging.go index d128c4519..06c011ca6 100644 --- a/oss/lib/bucket_logging.go +++ b/oss/lib/bucket_logging.go @@ -130,6 +130,7 @@ var bucketLogCommand = BucketLogCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_policy.go b/oss/lib/bucket_policy.go index 6cf08cbb0..2e1d9aeb0 100644 --- a/oss/lib/bucket_policy.go +++ b/oss/lib/bucket_policy.go @@ -167,6 +167,7 @@ var bucketPolicyCommand = BucketPolicyCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_qos.go b/oss/lib/bucket_qos.go index 0a12dfacf..0aaf0ce35 100644 --- a/oss/lib/bucket_qos.go +++ b/oss/lib/bucket_qos.go @@ -156,6 +156,7 @@ var bucketQosCommand = BucketQosCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_referer.go b/oss/lib/bucket_referer.go index 311b784ac..322d49fee 100644 --- a/oss/lib/bucket_referer.go +++ b/oss/lib/bucket_referer.go @@ -136,6 +136,7 @@ var bucketRefererCommand = BucketRefererCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_replication.go b/oss/lib/bucket_replication.go index 96255d79b..0befd0fc6 100644 --- a/oss/lib/bucket_replication.go +++ b/oss/lib/bucket_replication.go @@ -225,6 +225,7 @@ var replicationCommand = ReplicationCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_resource_group.go b/oss/lib/bucket_resource_group.go index d90cd84b0..e6977043e 100644 --- a/oss/lib/bucket_resource_group.go +++ b/oss/lib/bucket_resource_group.go @@ -126,6 +126,7 @@ var bucketResourceGroupCommand = BucketResourceGroupCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_style.go b/oss/lib/bucket_style.go index f82841dab..3db8c24f1 100644 --- a/oss/lib/bucket_style.go +++ b/oss/lib/bucket_style.go @@ -152,6 +152,7 @@ var bucketStyleCommand = BucketStyleCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_tagging.go b/oss/lib/bucket_tagging.go index 1a3572721..c0cf8d6c7 100644 --- a/oss/lib/bucket_tagging.go +++ b/oss/lib/bucket_tagging.go @@ -120,6 +120,7 @@ var bucketTagCommand = BucketTagCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_versioning.go b/oss/lib/bucket_versioning.go index 018f123f5..efe8b8a87 100644 --- a/oss/lib/bucket_versioning.go +++ b/oss/lib/bucket_versioning.go @@ -112,6 +112,7 @@ var bucketVersioningCommand = BucketVersioningCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_website.go b/oss/lib/bucket_website.go index 16284557b..81308d3d7 100644 --- a/oss/lib/bucket_website.go +++ b/oss/lib/bucket_website.go @@ -243,6 +243,7 @@ var bucketWebsiteCommand = BucketWebSiteCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/bucket_worm.go b/oss/lib/bucket_worm.go index d9c216942..db7b26df4 100644 --- a/oss/lib/bucket_worm.go +++ b/oss/lib/bucket_worm.go @@ -123,6 +123,7 @@ var wormCommand = WormCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/cat.go b/oss/lib/cat.go index 9adf20c8e..b2f28c10c 100644 --- a/oss/lib/cat.go +++ b/oss/lib/cat.go @@ -109,6 +109,7 @@ var catCommand = CatCommand{ OptionRamRoleArn, OptionRoleSessionName, OptionReadTimeout, + OptionExternalId, OptionConnectTimeout, OptionSTSRegion, OptionSkipVerifyCert, diff --git a/oss/lib/command.go b/oss/lib/command.go index 7777bb73a..0e9770da2 100644 --- a/oss/lib/command.go +++ b/oss/lib/command.go @@ -302,6 +302,7 @@ func (cmd *Command) ossClient(bucket string) (*oss.Client, error) { strTokenTimeout, _ := GetString(OptionTokenTimeout, cmd.options) ramRoleArn, _ := GetString(OptionRamRoleArn, cmd.options) roleSessionName, _ := GetString(OptionRoleSessionName, cmd.options) + externalId, _ := GetString(OptionExternalId, cmd.options) strReadTimeout, _ := GetString(OptionReadTimeout, cmd.options) strConnectTimeout, _ := GetString(OptionConnectTimeout, cmd.options) @@ -376,8 +377,11 @@ func (cmd *Command) ossClient(bucket string) (*oss.Client, error) { if roleSessionName == "" { roleSessionName = "SessNameRand" + randStr(5) } + if externalId == "" { + externalId, _ = cmd.getExternalId() + } - stsClient := NewClient(accessKeyID, accessKeySecret, ramRoleArn, roleSessionName) + stsClient := NewClient(accessKeyID, accessKeySecret, ramRoleArn, roleSessionName, externalId) if strTokenTimeout == "" { strTokenTimeout = "3600" @@ -571,6 +575,19 @@ func (cmd *Command) getRamRoleArn() (string, bool) { return "", false } +func (cmd *Command) getExternalId() (string, bool) { + if idMap, ok := cmd.configOptions[CREDSection]; ok { + if strId, ok := idMap.(map[string]string)[ItemExternalId]; ok { + if strId != "" { + return strId, true + } else { + return "", false + } + } + } + return "", false +} + func (cmd *Command) getEndpoint(bucket string) (string, bool) { if cnameMap, ok := cmd.configOptions[BucketCnameSection]; ok { if endpoint, ok := cnameMap.(map[string]string)[bucket]; ok { diff --git a/oss/lib/config_helper.go b/oss/lib/config_helper.go index 23ae19e0c..1d15954f3 100644 --- a/oss/lib/config_helper.go +++ b/oss/lib/config_helper.go @@ -30,6 +30,7 @@ const ( // config items in section Credentials const ( ItemRamRoleArn string = "ramRoleArn" + ItemExternalId string = "externalId" ) type configOption struct { @@ -64,6 +65,7 @@ var CredOptionMap = map[string]configOption{ OptionMode: configOption{[]string{"mode", "Mode"}, false, false, "", ""}, OptionRamRoleArn: configOption{[]string{"ramRoleArn", "RamRoleArn", "ramrolearn", "ram_role_arn", "ram-role-arn"}, false, false, "", ""}, OptionRoleSessionName: configOption{[]string{"roleSessionName", "RoleSessionName", "rolesessionname", "role-session-name", "role_session_name"}, false, false, "", ""}, + OptionExternalId: configOption{[]string{"externalID", "externalId", "externalid", "external-id", "external_id"}, false, false, "", ""}, OptionTokenTimeout: configOption{[]string{"tokenTimeOut", "tokenTimeout", "tokentimeout", "token_timeout", "token-timeout"}, false, false, "", ""}, OptionSTSRegion: configOption{[]string{"stsRegion", "stsregion", "sts-region", "sts_region"}, false, false, "", ""}, OptionECSRoleName: configOption{[]string{"ecsRoleName", "EcsRoleName", "ecsrolename", "ecs-role-name", "ecs_role_name"}, false, false, "", ""}, diff --git a/oss/lib/config_test.go b/oss/lib/config_test.go index 21e4e738b..734fba1ca 100644 --- a/oss/lib/config_test.go +++ b/oss/lib/config_test.go @@ -367,6 +367,7 @@ func (s *OssutilConfigSuite) TestConfigNonInteractiveWithCommonOption(c *C) { tokenTimeout := "300" ramRoleArn := "acs:ram::123*******123:role/ramosssts" roleSessionName := "roleTest" + externalId := "externalId" readTimeout := "10" connectTimeOut := "10" stsRegion = "sts.cn-qingdao.aliyuncs.com" @@ -432,6 +433,7 @@ func (s *OssutilConfigSuite) TestConfigNonInteractiveWithCommonOption(c *C) { ramRoleArn1 := "acs:ram::123*******123:role/ramosssts1" roleSessionName1 := "roleTest1" ecsRoleName1 := "ossTest1" + externalId1 := "externalId1" stsRegion1 := "sts.cn-hangzhou.aliyuncs.com" data = "[Credentials]" + "\n" + "language=" + DefaultLanguage + "\n" + @@ -443,6 +445,7 @@ func (s *OssutilConfigSuite) TestConfigNonInteractiveWithCommonOption(c *C) { "tokenTimeout=" + tokenTimeout1 + "\n" + "ramRoleArn=" + ramRoleArn1 + "\n" + "roleSessionName=" + roleSessionName1 + "\n" + + "externalId=" + externalId1 + "\n" + "mode=" + mode + "\n" + "stsRegion=" + stsRegion1 + "\n" + "signVersion=" + signVersion + "\n" + @@ -458,6 +461,7 @@ func (s *OssutilConfigSuite) TestConfigNonInteractiveWithCommonOption(c *C) { "tokenTimeout=" + tokenTimeout + "\n" + "ramRoleArn=" + ramRoleArn + "\n" + "roleSessionName=" + roleSessionName + "\n" + + "externalId=" + externalId + "\n" + "readTimeOut=" + readTimeout + "\n" + "connectTimeOut=" + connectTimeOut s.createFile(cfile, data, c) @@ -465,7 +469,7 @@ func (s *OssutilConfigSuite) TestConfigNonInteractiveWithCommonOption(c *C) { opts, err = LoadConfig(cfile) testLogger.Print(opts) c.Assert(err, IsNil) - c.Assert(len(opts), Equals, 21) + c.Assert(len(opts), Equals, 22) c.Assert(opts[OptionLanguage], Equals, DefaultLanguage) c.Assert(opts[OptionEndpoint], Equals, endpoint) c.Assert(opts[OptionAccessKeyID], Equals, accessKeyID) @@ -485,6 +489,7 @@ func (s *OssutilConfigSuite) TestConfigNonInteractiveWithCommonOption(c *C) { c.Assert(opts[OptionRamRoleArn], Equals, ramRoleArn1) c.Assert(opts[OptionTokenTimeout], Equals, tokenTimeout1) c.Assert(opts[OptionRoleSessionName], Equals, roleSessionName1) + c.Assert(opts[OptionExternalId], Equals, externalId1) c.Assert(opts[OptionSTSRegion], Equals, stsRegion1) c.Assert(opts[OptionECSRoleName], Equals, ecsRoleName1) c.Assert(opts[OptionSignVersion], Equals, signVersion) diff --git a/oss/lib/const.go b/oss/lib/const.go index 9911add52..06653d4a6 100644 --- a/oss/lib/const.go +++ b/oss/lib/const.go @@ -93,6 +93,7 @@ const ( OptionTokenTimeout = "tokenTimeout" OptionRamRoleArn = "ramRoleArn" OptionRoleSessionName = "roleSessionName" + OptionExternalId = "externalId" OptionReadTimeout = "readTimeOut" OptionConnectTimeout = "connectTimeOut" OptionSTSRegion = "stsRegion" diff --git a/oss/lib/cors_options.go b/oss/lib/cors_options.go index c3fe07071..05ba02164 100644 --- a/oss/lib/cors_options.go +++ b/oss/lib/cors_options.go @@ -95,6 +95,7 @@ var corsOptionsCommand = OptionsCommand{ OptionECSRoleName, OptionTokenTimeout, OptionRamRoleArn, + OptionExternalId, OptionRoleSessionName, OptionReadTimeout, OptionConnectTimeout, diff --git a/oss/lib/cp.go b/oss/lib/cp.go index d97c1d8e4..593f7b77b 100644 --- a/oss/lib/cp.go +++ b/oss/lib/cp.go @@ -1303,6 +1303,7 @@ var copyCommand = CopyCommand{ OptionECSRoleName, OptionTokenTimeout, OptionRamRoleArn, + OptionExternalId, OptionRoleSessionName, OptionReadTimeout, OptionConnectTimeout, diff --git a/oss/lib/cp_test.go b/oss/lib/cp_test.go index af6105023..8d5801d92 100644 --- a/oss/lib/cp_test.go +++ b/oss/lib/cp_test.go @@ -5930,7 +5930,7 @@ func (s *OssutilCommandSuite) TestCPObjectUnderSTStokenmode(c *C) { bucketName := bucketNamePrefix + randLowStr(12) s.putBucket(bucketName, c) - client := NewClient(stsAccessID, stsAccessKeySecret, stsARN, "sts_test") + client := NewClient(stsAccessID, stsAccessKeySecret, stsARN, "sts_test", "") resp, err := client.AssumeRole(900, "") c.Assert(err, IsNil) @@ -5991,7 +5991,7 @@ func (s *OssutilCommandSuite) TestCPObjectUnderSTSTokenmodeWithEmptySTSToken(c * bucketName := bucketNamePrefix + randLowStr(12) s.putBucket(bucketName, c) - client := NewClient(stsAccessID, stsAccessKeySecret, stsARN, "sts_test") + client := NewClient(stsAccessID, stsAccessKeySecret, stsARN, "sts_test", "") resp, err := client.AssumeRole(900, "") c.Assert(err, IsNil) diff --git a/oss/lib/create_symlink.go b/oss/lib/create_symlink.go index c361f22aa..9dec2be7f 100644 --- a/oss/lib/create_symlink.go +++ b/oss/lib/create_symlink.go @@ -122,6 +122,7 @@ var createSymlinkCommand = CreateSymlinkCommand{ OptionECSRoleName, OptionTokenTimeout, OptionRamRoleArn, + OptionExternalId, OptionRoleSessionName, OptionReadTimeout, OptionConnectTimeout, diff --git a/oss/lib/du.go b/oss/lib/du.go index 2570fd1cc..5a0961e47 100644 --- a/oss/lib/du.go +++ b/oss/lib/du.go @@ -132,6 +132,7 @@ var duSizeCommand = DuCommand{ OptionECSRoleName, OptionTokenTimeout, OptionRamRoleArn, + OptionExternalId, OptionRoleSessionName, OptionReadTimeout, OptionConnectTimeout, diff --git a/oss/lib/lcb.go b/oss/lib/lcb.go index a814e4bde..a32f93d6d 100644 --- a/oss/lib/lcb.go +++ b/oss/lib/lcb.go @@ -74,6 +74,7 @@ var lcbCommand = LcbCommand{ OptionECSRoleName, OptionTokenTimeout, OptionRamRoleArn, + OptionExternalId, OptionRoleSessionName, OptionReadTimeout, OptionConnectTimeout, diff --git a/oss/lib/listpart.go b/oss/lib/listpart.go index 8022707b2..24c94a8b0 100644 --- a/oss/lib/listpart.go +++ b/oss/lib/listpart.go @@ -99,6 +99,7 @@ var listPartCommand = ListPartCommand{ OptionECSRoleName, OptionTokenTimeout, OptionRamRoleArn, + OptionExternalId, OptionRoleSessionName, OptionReadTimeout, OptionConnectTimeout, diff --git a/oss/lib/lrb.go b/oss/lib/lrb.go index 8a82375ba..ecee81033 100644 --- a/oss/lib/lrb.go +++ b/oss/lib/lrb.go @@ -89,6 +89,7 @@ var lrbCommand = LrbCommand{ OptionECSRoleName, OptionTokenTimeout, OptionRamRoleArn, + OptionExternalId, OptionRoleSessionName, OptionReadTimeout, OptionConnectTimeout, diff --git a/oss/lib/ls.go b/oss/lib/ls.go index 018cf2fd5..89913002f 100644 --- a/oss/lib/ls.go +++ b/oss/lib/ls.go @@ -405,6 +405,7 @@ var listCommand = ListCommand{ OptionECSRoleName, OptionTokenTimeout, OptionRamRoleArn, + OptionExternalId, OptionRoleSessionName, OptionReadTimeout, OptionConnectTimeout, diff --git a/oss/lib/mb.go b/oss/lib/mb.go index 624dc7974..8914b0cba 100644 --- a/oss/lib/mb.go +++ b/oss/lib/mb.go @@ -183,6 +183,7 @@ var makeBucketCommand = MakeBucketCommand{ OptionECSRoleName, OptionTokenTimeout, OptionRamRoleArn, + OptionExternalId, OptionRoleSessionName, OptionReadTimeout, OptionConnectTimeout, diff --git a/oss/lib/mkdir.go b/oss/lib/mkdir.go index f7f417b05..82da878d6 100644 --- a/oss/lib/mkdir.go +++ b/oss/lib/mkdir.go @@ -85,6 +85,7 @@ var mkdirCommand = MkdirCommand{ OptionECSRoleName, OptionTokenTimeout, OptionRamRoleArn, + OptionExternalId, OptionRoleSessionName, OptionReadTimeout, OptionConnectTimeout, diff --git a/oss/lib/object_tagging.go b/oss/lib/object_tagging.go index 8b44447e0..9a15b87bf 100644 --- a/oss/lib/object_tagging.go +++ b/oss/lib/object_tagging.go @@ -149,6 +149,7 @@ var objectTagCommand = ObjectTagCommand{ OptionECSRoleName, OptionTokenTimeout, OptionRamRoleArn, + OptionExternalId, OptionRoleSessionName, OptionReadTimeout, OptionConnectTimeout, diff --git a/oss/lib/option.go b/oss/lib/option.go index e8975f59a..ee52111a1 100644 --- a/oss/lib/option.go +++ b/oss/lib/option.go @@ -248,6 +248,9 @@ var OptionMap = map[string]Option{ OptionRoleSessionName: Option{"", "--role-session-name", "", OptionTypeString, "", "", "表示会话名字,主要用于RamRoleArn模式", "specifies the session name, primarily used in RamRoleArn mode."}, + OptionExternalId: Option{"", "--external-id", "", OptionTypeString, "", "", + "表示外部ID,主要用于RamRoleArn模式", + "specifies the external ID, primarily used in RamRoleArn mode."}, OptionReadTimeout: Option{"", "--read-timeout", "", OptionTypeInt64, "", "", "表示客户端读超时的时间,单位为秒, 缺省值为1200", "specifies the time that the client read timed out, the unit is: s, default value is 1200."}, diff --git a/oss/lib/probe.go b/oss/lib/probe.go index 1a318df7d..645b46b3f 100644 --- a/oss/lib/probe.go +++ b/oss/lib/probe.go @@ -358,6 +358,7 @@ var probeCommand = ProbeCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/read_symlink.go b/oss/lib/read_symlink.go index bda702ce7..f0ff473e9 100644 --- a/oss/lib/read_symlink.go +++ b/oss/lib/read_symlink.go @@ -121,6 +121,7 @@ var readSymlinkCommand = ReadSymlinkCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/request_payment.go b/oss/lib/request_payment.go index 72339cad7..de003c84b 100644 --- a/oss/lib/request_payment.go +++ b/oss/lib/request_payment.go @@ -112,6 +112,7 @@ var requestPaymentCommand = RequestPaymentCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/restore.go b/oss/lib/restore.go index 5a498e6ed..5bed84de7 100644 --- a/oss/lib/restore.go +++ b/oss/lib/restore.go @@ -225,6 +225,7 @@ var restoreCommand = RestoreCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/revert_versioning.go b/oss/lib/revert_versioning.go index ab9fff76b..74d6cc216 100644 --- a/oss/lib/revert_versioning.go +++ b/oss/lib/revert_versioning.go @@ -146,6 +146,7 @@ var revertCommand = RevertCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/rm.go b/oss/lib/rm.go index a9c60d3f5..864f6caf2 100644 --- a/oss/lib/rm.go +++ b/oss/lib/rm.go @@ -334,6 +334,7 @@ var removeCommand = RemoveCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/set_acl.go b/oss/lib/set_acl.go index 519605779..aa8fc0750 100644 --- a/oss/lib/set_acl.go +++ b/oss/lib/set_acl.go @@ -254,6 +254,7 @@ var setACLCommand = SetACLCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/set_meta.go b/oss/lib/set_meta.go index 2a9cef97e..624087b9c 100644 --- a/oss/lib/set_meta.go +++ b/oss/lib/set_meta.go @@ -355,6 +355,7 @@ var setMetaCommand = SetMetaCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/signurl.go b/oss/lib/signurl.go index fc9b13034..a0b47665c 100644 --- a/oss/lib/signurl.go +++ b/oss/lib/signurl.go @@ -142,6 +142,7 @@ var signURLCommand = SignurlCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionSTSRegion, OptionUserAgent, OptionQueryParam, diff --git a/oss/lib/signurl_test.go b/oss/lib/signurl_test.go index 14620700d..4ccd1d1db 100644 --- a/oss/lib/signurl_test.go +++ b/oss/lib/signurl_test.go @@ -650,7 +650,7 @@ func (s *OssutilCommandSuite) TestSignWithModeStsToken(c *C) { object := randLowStr(12) s.putObject(bucketName, object, fileName, c) - client := NewClient(stsAccessID, stsAccessKeySecret, stsARN, "sts_test") + client := NewClient(stsAccessID, stsAccessKeySecret, stsARN, "sts_test", "") resp, err := client.AssumeRole(3600, "https://sts.cn-hangzhou.aliyuncs.com") c.Assert(err, IsNil) diff --git a/oss/lib/stat.go b/oss/lib/stat.go index 54efaf155..a81e57828 100644 --- a/oss/lib/stat.go +++ b/oss/lib/stat.go @@ -118,6 +118,7 @@ var statCommand = StatCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/sync.go b/oss/lib/sync.go index 7b2955421..e3de5157c 100644 --- a/oss/lib/sync.go +++ b/oss/lib/sync.go @@ -419,6 +419,7 @@ var syncCommand = SyncCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/user_qos.go b/oss/lib/user_qos.go index 9d5f04541..7bf156f96 100644 --- a/oss/lib/user_qos.go +++ b/oss/lib/user_qos.go @@ -90,6 +90,7 @@ var userQosCommand = UserQosCommand{ OptionTokenTimeout, OptionRamRoleArn, OptionRoleSessionName, + OptionExternalId, OptionReadTimeout, OptionConnectTimeout, OptionSTSRegion, diff --git a/oss/lib/util_sts.go b/oss/lib/util_sts.go index 213cdff59..e8688ca04 100644 --- a/oss/lib/util_sts.go +++ b/oss/lib/util_sts.go @@ -21,6 +21,7 @@ type Client struct { AccessKeySecret string RoleArn string SessionName string + ExternalId string } // ServiceError sts service error @@ -62,12 +63,13 @@ func (e *ServiceError) Error() string { } // NewClient New STS Client -func NewClient(accessKeyId, accessKeySecret, roleArn, sessionName string) *Client { +func NewClient(accessKeyId, accessKeySecret, roleArn, sessionName, externalId string) *Client { return &Client{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, RoleArn: roleArn, SessionName: sessionName, + ExternalId: externalId, } } @@ -128,6 +130,10 @@ func (c *Client) generateSignedURL(expiredTime uint) (string, error) { queryStr += "&SignatureNonce=" + randId queryStr += "&DurationSeconds=" + strconv.FormatUint((uint64)(expiredTime), 10) + if c.ExternalId != "" { + queryStr += "&ExternalId=" + c.ExternalId + } + // Sort query string queryParams, err := url.ParseQuery(queryStr) if err != nil { diff --git a/oss/lib/util_sts_test.go b/oss/lib/util_sts_test.go index 83cd41dd4..48d0b73a6 100644 --- a/oss/lib/util_sts_test.go +++ b/oss/lib/util_sts_test.go @@ -26,7 +26,7 @@ func (s *StsTestSuite) TearDownSuite(c *C) { } func (s *StsTestSuite) TestSendRequest(c *C) { - client := NewClient("", "", "", "") + client := NewClient("", "", "", "", "") _, _, err := client.sendRequest(StsHost) c.Assert(err, IsNil) @@ -36,7 +36,7 @@ func (s *StsTestSuite) TestSendRequest(c *C) { } func (s *StsTestSuite) TestHandleResponse(c *C) { - client := NewClient("", "", "", "") + client := NewClient("", "", "", "", "") body := "{\"RequestId\":\"784B99C1-895F-426C-8E1F-008955D418FB\"," + "\"HostId\":\"sts.aliyuncs.com\"," + @@ -67,7 +67,7 @@ func (s *StsTestSuite) TestHandleResponse(c *C) { func (s *StsTestSuite) TestAssumeRoleSuccess(c *C) { now := time.Now() - client := NewClient(stsAccessID, stsAccessKeySecret, stsARN, "sts_test") + client := NewClient(stsAccessID, stsAccessKeySecret, stsARN, "sts_test", "") resp, err := client.AssumeRole(900, "") if err != nil { @@ -90,7 +90,7 @@ func (s *StsTestSuite) TestAssumeRoleSuccess(c *C) { func (s *StsTestSuite) TestAssumeRoleNegative(c *C) { // AccessKeyID invalid - client := NewClient("", accessKeySecret, stsARN, "sts_test") + client := NewClient("", accessKeySecret, stsARN, "sts_test", "") resp, err := client.AssumeRole(900, "") c.Assert(resp, IsNil) c.Assert(err, NotNil) @@ -102,7 +102,7 @@ func (s *StsTestSuite) TestAssumeRoleNegative(c *C) { log.Println("ServiceError:", srvErr) // AccessKeySecret invalid - client = NewClient(stsAccessID, stsAccessKeySecret+" ", stsARN, "sts_test") + client = NewClient(stsAccessID, stsAccessKeySecret+" ", stsARN, "sts_test", "") resp, err = client.AssumeRole(900, "") c.Assert(resp, IsNil) c.Assert(err, NotNil) @@ -114,7 +114,7 @@ func (s *StsTestSuite) TestAssumeRoleNegative(c *C) { log.Println("ServiceError:", srvErr) // SessionName invalid - client = NewClient(stsAccessID, stsAccessKeySecret, stsARN, "x") + client = NewClient(stsAccessID, stsAccessKeySecret, stsARN, "x", "") resp, err = client.AssumeRole(900, "") c.Assert(resp, IsNil)