Skip to main content

u_sdk/
credentials.rs

1//! Credentials and CredentialsProvider definitions.
2//!
3//! 在构建client的时候需要传入实现了CredentialsProvider trait的类型,因为trait `CredentialsProvider`的load方法是异步的,
4//! 所以有些像预签名等api本身是同步的,但是需要用到Credentials的时候,可能需要异步获取Credentials,所以这类操作因此也变为异步的。
5//!
6//! # Example
7//!
8//! ```no_run
9//! use serde::Deserialize;
10//! use std::sync::Arc;
11//! use u_sdk::credentials::{Credentials, CredentialsProvider};
12//! use u_sdk::oss;
13//!
14//! #[derive(Deserialize, Debug)]
15//! pub struct OssConfig {
16//!     pub access_key_id: String,
17//!     pub access_key_secret: String,
18//!     pub endpoint: String,
19//!     pub bucket_name: String,
20//!     pub region: String,
21//! }
22//!
23//! pub struct OssCredsProvider {
24//!     creds: Arc<Credentials>,
25//! }
26//!
27//! impl OssCredsProvider {
28//!     pub fn new(access_key_id: String, access_key_secret: String) -> Self {
29//!         Self {
30//!             creds: Credentials::new(access_key_id, access_key_secret, None, None).into(),
31//!         }
32//!     }
33//! }
34//!
35//! #[async_trait::async_trait]
36//! impl CredentialsProvider for OssCredsProvider {
37//!     async fn load(
38//!         &self,
39//!     ) -> Result<Arc<Credentials>, Box<dyn std::error::Error + Send + Sync + 'static>> {
40//!         Ok(Arc::clone(&self.creds))
41//!     }
42//! }
43//!
44//! fn get_oss_client() -> oss::Client {
45//!     let file_str = std::fs::read_to_string("tests/oss/config.toml").unwrap();
46//!     let conf = toml::from_str::<OssConfig>(&file_str).unwrap();
47//!     let creds_provider = Arc::new(OssCredsProvider::new(
48//!         conf.access_key_id,
49//!         conf.access_key_secret,
50//!     ));
51//!     oss::Client::builder()
52//!         .credentials_provider(creds_provider)
53//!         .endpoint(conf.endpoint)
54//!         .region(conf.region)
55//!         .bucket(conf.bucket_name)
56//!         .build()
57//! }
58//! ```
59
60use std::sync::Arc;
61use time::OffsetDateTime;
62
63#[derive(Clone, Debug)]
64pub struct Credentials {
65    pub access_key_id: String,
66    pub access_key_secret: String,
67    pub sts_security_token: Option<String>,
68    /// 在oss, sts, email等等sdk中没有使用这个字段
69    /// 提供这个字段主要是为了方便用户自行实现CredentialsProvider的时候,可以知道这个Credentials什么时候过期,从而决定是否需要刷新Credentials
70    pub expires_at: Option<OffsetDateTime>,
71}
72
73impl Credentials {
74    pub fn new(
75        access_key_id: impl Into<String>,
76        access_key_secret: impl Into<String>,
77        security_token: Option<String>,
78        expires_at: Option<OffsetDateTime>,
79    ) -> Self {
80        Self {
81            access_key_id: access_key_id.into(),
82            access_key_secret: access_key_secret.into(),
83            sts_security_token: security_token,
84            expires_at,
85        }
86    }
87}
88
89#[async_trait::async_trait]
90pub trait CredentialsProvider: Send + Sync {
91    async fn load(
92        &self,
93    ) -> Result<Arc<Credentials>, Box<dyn std::error::Error + Send + Sync + 'static>>;
94}