STS集成与AWSS3TransferManagerUploadRequest和AWSS3TransferManagerDownloadRequest [英] Integrating STS with AWSS3TransferManagerUploadRequest and AWSS3TransferManagerDownloadRequest
问题描述
我们正在努力在我们的Android和iOS应用程序,以实现AWS安全令牌服务。在后端,我们使用的是低于code,生成令牌:
We are trying to implement AWS Security Token Service in our android and iOS app. At backend we are using below code to generate token:
public class CloudManagementImpl implements CloudManagement{
private static final Logger Log = LoggerFactory.getLogger(CloudManagementImpl.class);
@Override
public CloudConfiguration getCloudProperties() {
CloudConfiguration CloudConfiguration = new CloudConfiguration();
AssumeRoleRequest assumeRoleRequest = new AssumeRoleRequest();
assumeRoleRequest.setRoleArn(JiveGlobals.getProperty(XYZConstant.AWS_ARN_EC2_ROLE_MAP));
assumeRoleRequest.setRoleSessionName(XYZConstant.AWS_ROLE_SESSIONNAME);
assumeRoleRequest.setDurationSeconds(JiveGlobals.getIntProperty(XYZConstant.AWS_CREDENTIALS_LIFETIME, 1800));
AWSSecurityTokenServiceClient stsClient = new AWSSecurityTokenServiceClient();
AssumeRoleResult assumeRoleResult = stsClient.assumeRole(assumeRoleRequest);
if (assumeRoleResult != null) {
Credentials sessionCredentials = assumeRoleResult.getCredentials();
CloudConfiguration.setAwsAccessId(sessionCredentials.getAccessKeyId());
CloudConfiguration.setAwsAccessKey(sessionCredentials.getSecretAccessKey());
CloudConfiguration.setToken(sessionCredentials.getSessionToken());
CloudConfiguration.setAwsMainBucket(JiveGlobals.getProperty(XYZConstant.AWS_MAIN_BUCKET));
} else {
Log.error("Cloud Management :: Propery values not configured ");
}
return CloudConfiguration;
}
}
生成的令牌在iOS和Android应用程序,通过一个单独的Web服务调用,然后得到的。
Generated token is then obtained in iOS and android app through a separate web-service call.
在安卓我们使用以下code消耗获取令牌:
In android we are using below code to consume retrieved token:
public S3Client(String accessKey, String secretKey, String token, String bucketName) {
super();
this.accessKey = accessKey;
this.secretKey = secretKey;
this.bucketName = bucketName;
BasicSessionCredentials basicSessionCredentials = new BasicSessionCredentials(accessKey, secretKey, token);
amazonS3Client = new AmazonS3Client(basicSessionCredentials);
}
但问题是 -
Problem is -
我们没有像Android的API中的AWS移动SDK版本2的iOS, 利用它我们可以消费检索到的道理,也许是最好的办法 实现这个东西的iOS是通过AWSCognitoCredentialsProvider, 但我们不能确定。
We do not have android like API in AWS mobile SDK version 2 for iOS, using which we can consume the retrieved token, perhaps the best way to achieve this thing in iOS is through AWSCognitoCredentialsProvider, but we are not sure.
请建议 - 什么是iOS中整合AWS安全令牌服务的最佳途径。
Please suggest - what is the best way to integrate AWS Security Token Service in iOS.
推荐答案
您需要通过符合 AWSCredentialsProvider 来实现自己的凭据提供。听起来像是你已经拥有了获取临时凭据从服务器code段。这种逻辑应该进入你的自定义凭据提供。您可以在执行看看 AWSWebIdentityCredentialsProvider 和 AWSCognitoCredentialsProvider 如何实现自己的凭据提供。
You need to implement your own credentials provider by conforming to AWSCredentialsProvider. Sounds like you already have a code snippet that retrieves the temporary credentials from your server. That logic should go into your custom credentials provider. You can take a look at the implementation of AWSWebIdentityCredentialsProvider and AWSCognitoCredentialsProvider for how to implement your own credentials provider.
这篇关于STS集成与AWSS3TransferManagerUploadRequest和AWSS3TransferManagerDownloadRequest的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
