AWSCodePipelineJobCredentialsProvider.java example

Explorer

aws-codepipeline-plugin-for-jenkins-master
- src
  - main
    - java
      - com
        amazonaws
        codepipeline
        jenkinsplugin
        AWSClientFactory.java
        AWSClients.java
        AWSCodePipelineJobCredentialsProvider.java
        AWSCodePipelinePublisher.java
        AWSCodePipelineSCM.java
        ArchiveEntryFactory.java
        CodePipelineStateModel.java
        CodePipelineStateService.java
        CompressionTools.java
        DownloadCallable.java
        ExtractionTools.java
        JenkinsMetadata.java
        LoggingHelper.java
        OutputArtifact.java
        PublisherCallable.java
        PublisherTools.java
        Validation.java
  - test
    - java
      - com
        amazonaws
        codepipeline
        jenkinsplugin
        AWSClientsTest.java
        AWSCodePipelineJobCredentialsProviderTest.java
        AWSCodePipelinePublisherTest.java
        AWSCodePipelineSCMTest.java
        CodePipelineStateModelTests.java
        CompressionToolsTest.java
        DownloadCallableTest.java
        ExtractionToolsTest.java
        PublisherCallableTest.java
        PublisherToolsTest.java
        TestUtils.java
        ValidationTest.java

/*
 * Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */
package com.amazonaws.codepipeline.jenkinsplugin;

import java.util.Objects;

import org.joda.time.Duration;
import org.joda.time.Instant;

import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.AWSSessionCredentials;
import com.amazonaws.auth.BasicSessionCredentials;
import com.amazonaws.services.codepipeline.AWSCodePipeline;
import com.amazonaws.services.codepipeline.model.GetJobDetailsRequest;
import com.amazonaws.services.codepipeline.model.GetJobDetailsResult;

public final class AWSCodePipelineJobCredentialsProvider implements AWSCredentialsProvider {

    // CodePipeline job credentials are valid for 15 minutes
    private static final Duration CREDENTIALS_DURATION = Duration.standardMinutes(14);

    private final String jobId;
    private final AWSCodePipeline codePipelineClient;

    private volatile AWSSessionCredentials credentials;
    private volatile Instant lastRefreshedInstant;

    public AWSCodePipelineJobCredentialsProvider(final String jobId, final AWSCodePipeline codePipelineClient) {
        this.jobId = Objects.requireNonNull(jobId, "jobId must not be null");
        this.codePipelineClient = Objects.requireNonNull(codePipelineClient, "codePipelineClient must not be null");
    }

    @Override
    public AWSSessionCredentials getCredentials() {
        if (this.credentials == null || this.lastRefreshedInstant.isBefore(Instant.now().minus(CREDENTIALS_DURATION))) {
            refresh();
        }
        return this.credentials;
    }

    @Override
    public synchronized void refresh() {
        final GetJobDetailsRequest getJobDetailsRequest = new GetJobDetailsRequest().withJobId(jobId);
        final GetJobDetailsResult getJobDetailsResult = codePipelineClient.getJobDetails(getJobDetailsRequest);
        final com.amazonaws.services.codepipeline.model.AWSSessionCredentials credentials
            = getJobDetailsResult.getJobDetails().getData().getArtifactCredentials();

        this.lastRefreshedInstant = Instant.now();
        this.credentials = new BasicSessionCredentials(
                credentials.getAccessKeyId(),
                credentials.getSecretAccessKey(),
                credentials.getSessionToken());
    }

}