Class AwsCodeCommitCredentialProvider
java.lang.Object
org.eclipse.jgit.transport.CredentialsProvider
org.springframework.cloud.config.server.support.AwsCodeCommitCredentialProvider
public class AwsCodeCommitCredentialProvider
extends org.eclipse.jgit.transport.CredentialsProvider
Provides a jgit
CredentialsProvider
implementation that can provide the
appropriate credentials to connect to an AWS CodeCommit repository.
From the command line, you can configure git to use AWS code commit with a credential helper. However, jgit does not support credential helper commands, but it does provide a CredentialsProvider abstract class we can extend. Connecting to an AWS CodeCommit (codecommit) repository requires an AWS access key and secret key. These are used to calculate a signature for the git request. The AWS access key is used as the codecommit username, and the calculated signature is used as the password. The process for calculating this signature is documented very well at https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html.
Connecting to an AWS CodeCommit (codecommit) repository requires an AWS access key and secret key. These are used to calculate a signature for the git request. The AWS access key is used as the codecommit username, and the calculated signature is used as the password. The process for calculating this signature is documented very well at https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html.- Author:
- Don Laidlaw
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionclass
Simple implementation of AWSCredentialsProvider that just wraps static AWSCredentials. -
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected static String
calculateCodeCommitPassword
(org.eclipse.jgit.transport.URIish uri, String awsSecretKey) Calculate the AWS CodeCommit password for the provided URI and AWS secret key.static boolean
This provider can handle uris like https://git-codecommit.$AWS_REGION.amazonaws.com/v1/repos/$REPO .boolean
get
(org.eclipse.jgit.transport.URIish uri, org.eclipse.jgit.transport.CredentialItem... items) Get the username and password to use for the given uri.com.amazonaws.auth.AWSCredentialsProvider
boolean
This credentials provider cannot run interactively.void
reset
(org.eclipse.jgit.transport.URIish uri) Throw out cached data and force retrieval of AWS credentials.void
setAwsCredentialProvider
(com.amazonaws.auth.AWSCredentialsProvider awsCredentialProvider) void
setPassword
(String password) void
setUsername
(String username) boolean
supports
(org.eclipse.jgit.transport.CredentialItem... items) We support username and password credential items only.Methods inherited from class org.eclipse.jgit.transport.CredentialsProvider
get, getDefault, isAnyNull, setDefault
-
Field Details
-
logger
protected org.apache.commons.logging.Log logger
-
-
Constructor Details
-
AwsCodeCommitCredentialProvider
public AwsCodeCommitCredentialProvider()
-
-
Method Details
-
calculateCodeCommitPassword
protected static String calculateCodeCommitPassword(org.eclipse.jgit.transport.URIish uri, String awsSecretKey) Calculate the AWS CodeCommit password for the provided URI and AWS secret key. This uses the algorithm published by AWS at https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html- Parameters:
uri
- the codecommit repository uriawsSecretKey
- the aws secret key- Returns:
- the password to use in the git request
-
canHandle
This provider can handle uris like https://git-codecommit.$AWS_REGION.amazonaws.com/v1/repos/$REPO .- Parameters:
uri
- uri to parse- Returns:
true
if the URI can be handled
-
isInteractive
public boolean isInteractive()This credentials provider cannot run interactively.- Specified by:
isInteractive
in classorg.eclipse.jgit.transport.CredentialsProvider
- Returns:
- false
- See Also:
-
CredentialsProvider.isInteractive()
-
supports
public boolean supports(org.eclipse.jgit.transport.CredentialItem... items) We support username and password credential items only.- Specified by:
supports
in classorg.eclipse.jgit.transport.CredentialsProvider
- See Also:
-
CredentialsProvider.supports(org.eclipse.jgit.transport.CredentialItem[])
-
get
public boolean get(org.eclipse.jgit.transport.URIish uri, org.eclipse.jgit.transport.CredentialItem... items) throws org.eclipse.jgit.errors.UnsupportedCredentialItem Get the username and password to use for the given uri.- Specified by:
get
in classorg.eclipse.jgit.transport.CredentialsProvider
- Throws:
org.eclipse.jgit.errors.UnsupportedCredentialItem
- See Also:
-
CredentialsProvider.get(org.eclipse.jgit.transport.URIish, org.eclipse.jgit.transport.CredentialItem[])
-
reset
public void reset(org.eclipse.jgit.transport.URIish uri) Throw out cached data and force retrieval of AWS credentials.- Overrides:
reset
in classorg.eclipse.jgit.transport.CredentialsProvider
- Parameters:
uri
- This parameter is not used in this implementation.
-
getAwsCredentialProvider
public com.amazonaws.auth.AWSCredentialsProvider getAwsCredentialProvider()- Returns:
- the awsCredentialProvider
-
setAwsCredentialProvider
public void setAwsCredentialProvider(com.amazonaws.auth.AWSCredentialsProvider awsCredentialProvider) - Parameters:
awsCredentialProvider
- the awsCredentialProvider to set
-
getUsername
- Returns:
- the username
-
setUsername
- Parameters:
username
- the username to set
-
getPassword
- Returns:
- the password
-
setPassword
- Parameters:
password
- the password to set
-