MCPcopy
hub / github.com/minio/minio-go / getAssumeRoleCredentials

Function getAssumeRoleCredentials

pkg/credentials/assume_role.go:145–223  ·  view source on GitHub ↗
(clnt *http.Client, endpoint string, opts STSAssumeRoleOptions)

Source from the content-addressed store, hash-verified

143}
144
145func getAssumeRoleCredentials(clnt *http.Client, endpoint string, opts STSAssumeRoleOptions) (AssumeRoleResponse, error) {
146 v := url.Values{}
147 v.Set("Action", "AssumeRole")
148 v.Set("Version", STSVersion)
149 if opts.RoleARN != "" {
150 v.Set("RoleArn", opts.RoleARN)
151 }
152 if opts.RoleSessionName != "" {
153 v.Set("RoleSessionName", opts.RoleSessionName)
154 }
155 if opts.DurationSeconds > defaultDurationSeconds {
156 v.Set("DurationSeconds", strconv.Itoa(opts.DurationSeconds))
157 } else {
158 v.Set("DurationSeconds", strconv.Itoa(defaultDurationSeconds))
159 }
160 if opts.Policy != "" {
161 v.Set("Policy", opts.Policy)
162 }
163 if opts.ExternalID != "" {
164 v.Set("ExternalId", opts.ExternalID)
165 }
166 if opts.TokenRevokeType != "" {
167 v.Set("TokenRevokeType", opts.TokenRevokeType)
168 }
169
170 u, err := url.Parse(endpoint)
171 if err != nil {
172 return AssumeRoleResponse{}, err
173 }
174 u.Path = "/"
175
176 postBody := strings.NewReader(v.Encode())
177 hash := sha256.New()
178 if _, err = io.Copy(hash, postBody); err != nil {
179 return AssumeRoleResponse{}, err
180 }
181 postBody.Seek(0, 0)
182
183 req, err := http.NewRequest(http.MethodPost, u.String(), postBody)
184 if err != nil {
185 return AssumeRoleResponse{}, err
186 }
187 req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
188 req.Header.Set("X-Amz-Content-Sha256", hex.EncodeToString(hash.Sum(nil)))
189 if opts.SessionToken != "" {
190 req.Header.Set("X-Amz-Security-Token", opts.SessionToken)
191 }
192 req = signer.SignV4STS(*req, opts.AccessKey, opts.SecretKey, opts.Location)
193
194 resp, err := clnt.Do(req)
195 if err != nil {
196 return AssumeRoleResponse{}, err
197 }
198 defer closeResponse(resp)
199 if resp.StatusCode != http.StatusOK {
200 var errResp ErrorResponse
201 buf, err := io.ReadAll(resp.Body)
202 if err != nil {

Callers 1

Calls 8

SignV4STSFunction · 0.92
EncodeToStringMethod · 0.80
DoMethod · 0.80
closeResponseFunction · 0.70
xmlDecodeAndBodyFunction · 0.70
SetMethod · 0.45
SeekMethod · 0.45
StringMethod · 0.45

Tested by

no test coverage detected