mountpoint_s3_crt/auth/
credentials.rs1use std::fmt::Debug;
4use std::ptr::NonNull;
5
6use mountpoint_s3_crt_sys::{
7 aws_credentials_provider, aws_credentials_provider_acquire, aws_credentials_provider_chain_default_options,
8 aws_credentials_provider_new_anonymous, aws_credentials_provider_new_chain_default,
9 aws_credentials_provider_new_profile, aws_credentials_provider_new_static,
10 aws_credentials_provider_profile_options, aws_credentials_provider_release,
11 aws_credentials_provider_static_options,
12};
13
14use crate::auth::auth_library_init;
15use crate::common::allocator::Allocator;
16use crate::common::error::Error;
17use crate::io::channel_bootstrap::ClientBootstrap;
18use crate::{CrtError as _, ToAwsByteCursor as _};
19
20#[derive(Debug)]
22pub struct CredentialsProviderChainDefaultOptions<'a> {
23 pub bootstrap: &'a mut ClientBootstrap,
25}
26
27#[derive(Debug)]
29pub struct CredentialsProviderProfileOptions<'a> {
30 pub bootstrap: &'a mut ClientBootstrap,
32 pub profile_name_override: &'a str,
34}
35
36pub struct CredentialsProviderStaticOptions<'a> {
38 pub access_key_id: &'a str,
40 pub secret_access_key: &'a str,
42 pub session_token: Option<&'a str>,
44}
45
46impl Debug for CredentialsProviderStaticOptions<'_> {
47 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
48 f.debug_struct("CredentialsProviderStaticOptions")
49 .field("access_key_id", &"** redacted **")
50 .field("secret_access_key", &"** redacted **")
51 .field("session_token", &self.session_token.map(|_| "** redacted **"))
52 .finish()
53 }
54}
55
56#[derive(Debug)]
59pub struct CredentialsProvider {
60 pub(crate) inner: NonNull<aws_credentials_provider>,
61}
62
63unsafe impl Send for CredentialsProvider {}
65unsafe impl Sync for CredentialsProvider {}
67
68impl CredentialsProvider {
69 pub fn new_chain_default(
71 allocator: &Allocator,
72 options: CredentialsProviderChainDefaultOptions,
73 ) -> Result<Self, Error> {
74 auth_library_init(allocator);
75
76 let inner_options = aws_credentials_provider_chain_default_options {
77 bootstrap: options.bootstrap.inner.as_ptr(),
78 ..Default::default()
79 };
80
81 let inner = unsafe {
83 aws_credentials_provider_new_chain_default(allocator.inner.as_ptr(), &inner_options).ok_or_last_error()?
84 };
85
86 Ok(Self { inner })
87 }
88
89 pub fn new_anonymous(allocator: &Allocator) -> Result<Self, Error> {
92 auth_library_init(allocator);
93
94 let inner = unsafe {
96 aws_credentials_provider_new_anonymous(allocator.inner.as_ptr(), std::ptr::null_mut()).ok_or_last_error()?
97 };
98
99 Ok(Self { inner })
100 }
101
102 pub fn new_profile(allocator: &Allocator, options: CredentialsProviderProfileOptions) -> Result<Self, Error> {
104 auth_library_init(allocator);
105
106 let inner = unsafe {
109 let inner_options = aws_credentials_provider_profile_options {
110 bootstrap: options.bootstrap.inner.as_ptr(),
111 profile_name_override: options.profile_name_override.as_aws_byte_cursor(),
112 ..Default::default()
113 };
114
115 aws_credentials_provider_new_profile(allocator.inner.as_ptr(), &inner_options).ok_or_last_error()?
116 };
117
118 Ok(Self { inner })
119 }
120
121 pub fn new_static(allocator: &Allocator, options: CredentialsProviderStaticOptions) -> Result<Self, Error> {
123 auth_library_init(allocator);
124
125 let inner = unsafe {
127 let inner_options = aws_credentials_provider_static_options {
128 access_key_id: options.access_key_id.as_aws_byte_cursor(),
129 secret_access_key: options.secret_access_key.as_aws_byte_cursor(),
130 session_token: options
131 .session_token
132 .map(|t| t.as_aws_byte_cursor())
133 .unwrap_or_default(),
134 ..Default::default()
135 };
136
137 aws_credentials_provider_new_static(allocator.inner.as_ptr(), &inner_options).ok_or_last_error()?
138 };
139
140 Ok(Self { inner })
141 }
142}
143
144impl Clone for CredentialsProvider {
145 fn clone(&self) -> Self {
146 unsafe {
148 aws_credentials_provider_acquire(self.inner.as_ptr());
149 }
150
151 Self { inner: self.inner }
152 }
153}
154
155impl Drop for CredentialsProvider {
156 fn drop(&mut self) {
157 unsafe {
160 aws_credentials_provider_release(self.inner.as_ptr());
161 }
162 }
163}