From 37c8c1de9bcc9c936515ac09626ed85a38ad3e49 Mon Sep 17 00:00:00 2001 From: Theodore Tsirpanis Date: Fri, 20 Sep 2024 02:07:27 +0300 Subject: [PATCH] Support passing `ClientConfiguration` to web identity credentials provider. --- .../include/aws/core/auth/STSCredentialsProvider.h | 2 +- .../source/auth/STSCredentialsProvider.cpp | 13 +++++++------ 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/src/aws-cpp-sdk-core/include/aws/core/auth/STSCredentialsProvider.h b/src/aws-cpp-sdk-core/include/aws/core/auth/STSCredentialsProvider.h index 720006592c9..1921fac4b12 100644 --- a/src/aws-cpp-sdk-core/include/aws/core/auth/STSCredentialsProvider.h +++ b/src/aws-cpp-sdk-core/include/aws/core/auth/STSCredentialsProvider.h @@ -25,7 +25,7 @@ namespace Aws class AWS_CORE_API STSAssumeRoleWebIdentityCredentialsProvider : public AWSCredentialsProvider { public: - STSAssumeRoleWebIdentityCredentialsProvider(); + STSAssumeRoleWebIdentityCredentialsProvider(Aws::Client::ClientConfiguration config = {}); /** * Retrieves the credentials if found, otherwise returns empty credential set. diff --git a/src/aws-cpp-sdk-core/source/auth/STSCredentialsProvider.cpp b/src/aws-cpp-sdk-core/source/auth/STSCredentialsProvider.cpp index 7747d86951c..db4609ee55b 100644 --- a/src/aws-cpp-sdk-core/source/auth/STSCredentialsProvider.cpp +++ b/src/aws-cpp-sdk-core/source/auth/STSCredentialsProvider.cpp @@ -32,7 +32,7 @@ using Aws::Utils::Threading::WriterLockGuard; static const char STS_ASSUME_ROLE_WEB_IDENTITY_LOG_TAG[] = "STSAssumeRoleWithWebIdentityCredentialsProvider"; static const int STS_CREDENTIAL_PROVIDER_EXPIRATION_GRACE_PERIOD = 5 * 1000; -STSAssumeRoleWebIdentityCredentialsProvider::STSAssumeRoleWebIdentityCredentialsProvider() : +STSAssumeRoleWebIdentityCredentialsProvider::STSAssumeRoleWebIdentityCredentialsProvider(Aws::Client::ClientConfiguration config) : m_initialized(false) { // check environment variables @@ -97,15 +97,16 @@ STSAssumeRoleWebIdentityCredentialsProvider::STSAssumeRoleWebIdentityCredentials AWS_LOGSTREAM_DEBUG(STS_ASSUME_ROLE_WEB_IDENTITY_LOG_TAG, "Resolved session_name from profile_config or environment variable to be " << m_sessionName); } - Aws::Client::ClientConfiguration config; config.scheme = Aws::Http::Scheme::HTTPS; config.region = tmpRegion; - Aws::Vector retryableErrors; - retryableErrors.push_back("IDPCommunicationError"); - retryableErrors.push_back("InvalidIdentityToken"); + if (config.retryStrategy == nullptr) { + Aws::Vector retryableErrors; + retryableErrors.push_back("IDPCommunicationError"); + retryableErrors.push_back("InvalidIdentityToken"); - config.retryStrategy = Aws::MakeShared(STS_ASSUME_ROLE_WEB_IDENTITY_LOG_TAG, retryableErrors, 3/*maxRetries*/); + config.retryStrategy = Aws::MakeShared(STS_ASSUME_ROLE_WEB_IDENTITY_LOG_TAG, retryableErrors, 3/*maxRetries*/); + } m_client = Aws::MakeUnique(STS_ASSUME_ROLE_WEB_IDENTITY_LOG_TAG, config); m_initialized = true;