bes  Updated for version 3.20.10
NgapS3Credentials.cc
1 // -*- mode: c++; c-basic-offset:4 -*-
2 
3 // This file is part of the Hyrax data server.
4 
5 // Copyright (c) 2020 OPeNDAP, Inc.
6 // Author: Nathan Potter <ndp@opendap.org>
7 //
8 // This library is free software; you can redistribute it and/or
9 // modify it under the terms of the GNU Lesser General Public
10 // License as published by the Free Software Foundation; either
11 // version 2.1 of the License, or (at your option) any later version.
12 //
13 // This library is distributed in the hope that it will be useful,
14 // but WITHOUT ANY WARRANTY; without even the implied warranty of
15 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 // Lesser General Public License for more details.
17 //
18 // You should have received a copy of the GNU Lesser General Public
19 // License along with this library; if not, write to the Free Software
20 // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21 //
22 // You can contact OPeNDAP, Inc. at PO Box 112, Saunderstown, RI. 02874-0112.
23 
24 #include "rapidjson/document.h"
25 #include "rapidjson/writer.h"
26 #include "rapidjson/stringbuffer.h"
27 
28 #include <BESError.h>
29 #include <BESDebug.h>
30 
31 #include "CurlUtils.h"
32 
33 #include "NgapS3Credentials.h"
34 #include "DmrppNames.h"
35 
36 using std::string;
37 using std::endl;
38 
39 #define AWS_ACCESS_KEY_ID_KEY "accessKeyId"
40 #define AWS_SECRET_ACCESS_KEY_KEY "secretAccessKey"
41 #define AWS_SESSION_TOKEN_KEY "sessionToken"
42 #define AWS_EXPIRATION_KEY "expiration"
43 
44 #define prolog std::string("NgapS3Credentials::").append(__func__).append("() - ")
45 
46 // Scope: public members of AccessCredentials
47 const string NgapS3Credentials::AWS_SESSION_TOKEN = "aws_session_token";
48 const string NgapS3Credentials::AWS_TOKEN_EXPIRATION = "aws_token_expiration";
49 const string NgapS3Credentials::BES_CONF_S3_ENDPOINT_KEY = "NGAP.S3.distribution.endpoint.url";
50 const string NgapS3Credentials::BES_CONF_REFRESH_KEY = "NGAP.S3.refresh.margin";
51 const string NgapS3Credentials::BES_CONF_URL_BASE = "NGAP.s3.url.base";
52 
53 
54 bool NgapS3Credentials::is_s3_cred() { return true; }
55 
56 string NgapS3Credentials::get(const std::string &key) {
57  if (needs_refresh()) {
59  }
60  return AccessCredentials::get(key);
61 }
62 
70 
71  string accessKeyId, secretAccessKey, sessionToken, expiration;
72 
73  BESDEBUG(MODULE, prolog << "distribution_api_endpoint: " << distribution_api_endpoint << endl);
74 
75  rapidjson::Document d = curl::http_get_as_json(distribution_api_endpoint);
76  BESDEBUG(MODULE, prolog << "S3 Credentials:" << endl);
77 
78  rapidjson::Value &val = d[AWS_ACCESS_KEY_ID_KEY];
79  accessKeyId = val.GetString();
80  add(ID_KEY, accessKeyId);
81  BESDEBUG(MODULE, prolog << AWS_ACCESS_KEY_ID_KEY << ": " << accessKeyId << endl);
82 
83  val = d[AWS_SECRET_ACCESS_KEY_KEY];
84  secretAccessKey = val.GetString();
85  add(KEY_KEY, secretAccessKey);
86  BESDEBUG(MODULE, prolog << AWS_SECRET_ACCESS_KEY_KEY << ": " << secretAccessKey << endl);
87 
88  val = d[AWS_SESSION_TOKEN_KEY];
89  sessionToken = val.GetString();
90  add(AWS_SESSION_TOKEN, sessionToken);
91  BESDEBUG(MODULE, prolog << AWS_SESSION_TOKEN_KEY << ": " << sessionToken << endl);
92 
93  val = d[AWS_EXPIRATION_KEY];
94  expiration = val.GetString();
95  add(AWS_TOKEN_EXPIRATION, expiration);
96  BESDEBUG(MODULE, prolog << AWS_EXPIRATION_KEY << ": " << expiration << endl);
97 
98  // parse the time string into a something useful -------------------------------------------------------
99  struct tm tm;
100  // 2020-02-18 13:49:30+00:00
101  strptime(expiration.c_str(), "%Y-%m-%d %H:%M:%S%z", &tm);
102  d_expiration_time = mktime(&tm); // t is now your desired time_t
103  BESDEBUG(MODULE, prolog << "expiration(time_t): " << d_expiration_time << endl);
104 
105 }
106 
107 
108 
void add(const std::string &key, const std::string &value)
Add the key and value pair.
virtual std::string get(const std::string &key)
std::string get(const std::string &key)
virtual bool is_s3_cred()
Do the URL, ID, Key amd Region items make up an S3 Credential?
GenericValue< UTF8<> > Value
GenericValue with UTF8 encoding.
Definition: document.h:2189
GenericDocument< UTF8<> > Document
GenericDocument with UTF8 encoding.
Definition: document.h:2585