class Fog::AWS::STS::Real

Public Class Methods

new(options={})

Initialize connection to STS

Notes

The options hash must include values for :aws_access_key_id and :aws_secret_access_key in order to create a connection.

Examples

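# The two placeholders stand for values loaded at runtime (environment,
# credentials file, secrets manager); do not commit long-term keys to source.
# The variable is named for the service it talks to (STS, not IAM).
sts = STS.new(
 :aws_access_key_id => your_aws_access_key_id,
 :aws_secret_access_key => your_aws_secret_access_key
)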

Parameters

  • options<~Hash> - config arguments for connection. Defaults to {}.

Returns

  • STS object with connection to AWS.

# File lib/fog/aws/sts.rb, line 67
# Set up the STS client: keep the credentials, build the request-signing
# HMAC and open the connection to the endpoint.
#
# ==== Parameters
# * options<~Hash> - config arguments for connection. Defaults to {}.
#   * :aws_access_key_id / :aws_secret_access_key - stored as given
#   * :connection_options - handed to Fog::Connection, defaults to {}
#   * :host - defaults to 'sts.amazonaws.com'
#   * :path - defaults to '/'
#   * :persistent - defaults to false
#   * :port - defaults to 443
#   * :scheme - defaults to 'https'
#
# ==== Security notes
# * Nothing here checks that the credentials are present; a missing secret
#   is passed straight to Fog::HMAC.new.
#   NOTE(review): confirm the caller validates the options first.
# * :scheme, :host and :port are used unchecked. With a non-https scheme the
#   signed requests and the credentials in the responses would travel in
#   clear text, so overrides should come from trusted configuration only.
# * The secret key stays in @aws_secret_access_key for the life of the
#   object; keep instances out of logs and debug dumps.
def initialize(options={})
  require 'fog/core/parser'

  # Credentials and the SHA-256 HMAC keyed with the secret.
  @aws_access_key_id     = options[:aws_access_key_id]
  @aws_secret_access_key = options[:aws_secret_access_key]
  @hmac                  = Fog::HMAC.new('sha256', @aws_secret_access_key)

  # Connection behaviour.
  @connection_options = options[:connection_options] || {}
  @persistent         = options[:persistent] || false

  # Endpoint parts; the defaults point at the public STS endpoint over TLS.
  @scheme = options[:scheme] || 'https'
  @host   = options[:host]   || 'sts.amazonaws.com'
  @port   = options[:port]   || 443
  @path   = options[:path]   || '/'

  endpoint    = "#{@scheme}://#{@host}:#{@port}#{@path}"
  @connection = Fog::Connection.new(endpoint, @persistent, @connection_options)
end

Public Instance Methods

get_federation_token(name, policy, duration=43200)
# File lib/fog/aws/requests/sts/get_federation_token.rb, line 8
# Send a GetFederationToken request to STS.
#
# ==== Parameters
# * name - sent as the 'Name' request parameter
# * policy - JSON-encoded with Fog::JSON and sent as 'Policy'
# * duration - sent as 'DurationSeconds'; defaults to 43200 (12 hours)
#
# ==== Returns
# * whatever the private #request helper returns for this call
#
# ==== Security notes
# * The policy is what scopes the issued credentials, so pass the narrowest
#   policy and the shortest duration the consumer can work with.
# * NOTE(review): the response is parsed with the GetSessionToken parser;
#   confirm it captures every field callers need from a GetFederationToken
#   response.
def get_federation_token(name, policy, duration=43200)
  federation_params = {
    'Action'          => 'GetFederationToken',
    'Name'            => name,
    'Policy'          => Fog::JSON.encode(policy),
    'DurationSeconds' => duration,
    :idempotent       => true,
    :parser           => Fog::Parsers::AWS::STS::GetSessionToken.new
  }

  request(federation_params)
end
get_session_token(duration=43200)
# File lib/fog/aws/requests/sts/get_session_token.rb, line 8
# Send a GetSessionToken request to STS.
#
# ==== Parameters
# * duration - sent as 'DurationSeconds'; defaults to 43200 (12 hours)
#
# ==== Returns
# * whatever the private #request helper returns for this call
#
# ==== Security notes
# * The default lifetime is long; request a shorter duration when the
#   consumer only needs the credentials briefly.
def get_session_token(duration=43200)
  session_params = {
    'Action'          => 'GetSessionToken',
    'DurationSeconds' => duration,
    :idempotent       => true,
    :parser           => Fog::Parsers::AWS::STS::GetSessionToken.new
  }

  request(session_params)
end
reload()
# File lib/fog/aws/sts.rb, line 82
# Reset the underlying connection by delegating to @connection.reset.
#
# ==== Returns
# * the value returned by @connection.reset
#
# Only the connection is touched; the stored credentials and the signing
# HMAC are left as they are.
def reload
  @connection.reset
end

Private Instance Methods

request(params)
# File lib/fog/aws/sts.rb, line 88
# Sign the parameters, POST them to STS and return the response.
#
# ==== Parameters
# * params<~Hash> - request parameters plus two control keys, :idempotent
#   and :parser, which are removed from the hash (the caller's hash is
#   mutated) before signing.
#
# ==== Returns
# * the response from @connection.request (only status 200 is expected)
#
# ==== Raises
# * a Fog::AWS::STS error built with .slurp when the HTTP error message
#   carries a <Code> element; otherwise the original
#   Excon::Errors::HTTPStatusError is re-raised.
#
# ==== Security notes
# * The error code is read out of the HTTP error message, i.e. it is
#   controlled by whoever answered the request. const_get is only reached
#   for the fixed names listed below; keep it that way rather than passing
#   the extracted code to const_get directly.
# * NOTE(review): confirm each listed name is actually defined under
#   Fog::AWS::STS, otherwise const_get raises NameError in the rescue path.
def request(params)
  idempotent = params.delete(:idempotent)
  parser     = params.delete(:parser)

  signing_options = {
    :aws_access_key_id  => @aws_access_key_id,
    :hmac               => @hmac,
    :host               => @host,
    :path               => @path,
    :port               => @port,
    :version            => '2011-06-15'
  }
  body = Fog::AWS.signed_params(params, signing_options)

  # Only the HTTP call is guarded; signing errors propagate unchanged.
  begin
    @connection.request({
      :body       => body,
      :expects    => 200,
      :idempotent => idempotent,
      :headers    => { 'Content-Type' => 'application/x-www-form-urlencoded' },
      :host       => @host,
      :method     => 'POST',
      :parser     => parser
    })
  rescue Excon::Errors::HTTPStatusError => error
    match = error.message.match(/<Code>(.*)<\/Code>(?:.*<Message>(.*)<\/Message>)?/)
    # No <Code> element in the message: hand the original error back.
    raise unless match

    code    = match[1]
    message = match[2]

    # Fixed allowlist of error names that map to a dedicated error class.
    known_codes = ['EntityAlreadyExists', 'KeyPairMismatch', 'LimitExceeded', 'MalformedCertificate', 'ValidationError']
    if known_codes.include?(code)
      raise Fog::AWS::STS.const_get(code).slurp(error, message)
    end

    # Any other code is wrapped in the generic STS error.
    raise Fog::AWS::STS::Error.slurp(error, "#{code} => #{message}") if code
    raise
  end
end