| 1 |
efrain |
1 |
<?php
|
|
|
2 |
namespace Aws\Endpoint\UseFipsEndpoint;
|
|
|
3 |
|
|
|
4 |
use Aws\AbstractConfigurationProvider;
|
|
|
5 |
use Aws\CacheInterface;
|
|
|
6 |
use Aws\ConfigurationProviderInterface;
|
|
|
7 |
use Aws\Endpoint\UseFipsEndpoint\Exception\ConfigurationException;
|
|
|
8 |
use GuzzleHttp\Promise;
|
|
|
9 |
|
|
|
10 |
/**
|
|
|
11 |
* A configuration provider is a function that returns a promise that is
|
|
|
12 |
* fulfilled with a {@see \Aws\Endpoint\UseFipsEndpoint\onfigurationInterface}
|
|
|
13 |
* or rejected with an {@see \Aws\Endpoint\UseFipsEndpoint\ConfigurationException}.
|
|
|
14 |
*
|
|
|
15 |
* <code>
|
|
|
16 |
* use Aws\Endpoint\UseFipsEndpoint\ConfigurationProvider;
|
|
|
17 |
* $provider = ConfigurationProvider::defaultProvider();
|
|
|
18 |
* // Returns a ConfigurationInterface or throws.
|
|
|
19 |
* $config = $provider()->wait();
|
|
|
20 |
* </code>
|
|
|
21 |
*
|
|
|
22 |
* Configuration providers can be composed to create configuration using
|
|
|
23 |
* conditional logic that can create different configurations in different
|
|
|
24 |
* environments. You can compose multiple providers into a single provider using
|
|
|
25 |
* {@see Aws\Endpoint\UseFipsEndpoint\ConfigurationProvider::chain}. This function
|
|
|
26 |
* accepts providers as variadic arguments and returns a new function that will
|
|
|
27 |
* invoke each provider until a successful configuration is returned.
|
|
|
28 |
*
|
|
|
29 |
* <code>
|
|
|
30 |
* // First try an INI file at this location.
|
|
|
31 |
* $a = ConfigurationProvider::ini(null, '/path/to/file.ini');
|
|
|
32 |
* // Then try an INI file at this location.
|
|
|
33 |
* $b = ConfigurationProvider::ini(null, '/path/to/other-file.ini');
|
|
|
34 |
* // Then try loading from environment variables.
|
|
|
35 |
* $c = ConfigurationProvider::env();
|
|
|
36 |
* // Combine the three providers together.
|
|
|
37 |
* $composed = ConfigurationProvider::chain($a, $b, $c);
|
|
|
38 |
* // Returns a promise that is fulfilled with a configuration or throws.
|
|
|
39 |
* $promise = $composed();
|
|
|
40 |
* // Wait on the configuration to resolve.
|
|
|
41 |
* $config = $promise->wait();
|
|
|
42 |
* </code>
|
|
|
43 |
*/
|
|
|
44 |
class ConfigurationProvider extends AbstractConfigurationProvider
|
|
|
45 |
implements ConfigurationProviderInterface
|
|
|
46 |
{
|
|
|
47 |
const ENV_USE_FIPS_ENDPOINT = 'AWS_USE_FIPS_ENDPOINT';
|
|
|
48 |
const INI_USE_FIPS_ENDPOINT = 'use_fips_endpoint';
|
|
|
49 |
|
|
|
50 |
public static $cacheKey = 'aws_cached_use_fips_endpoint_config';
|
|
|
51 |
|
|
|
52 |
protected static $interfaceClass = ConfigurationInterface::class;
|
|
|
53 |
protected static $exceptionClass = ConfigurationException::class;
|
|
|
54 |
|
|
|
55 |
/**
|
|
|
56 |
* Create a default config provider that first checks for environment
|
|
|
57 |
* variables, then checks for a specified profile in the environment-defined
|
|
|
58 |
* config file location (env variable is 'AWS_CONFIG_FILE', file location
|
|
|
59 |
* defaults to ~/.aws/config), then checks for the "default" profile in the
|
|
|
60 |
* environment-defined config file location, and failing those uses a default
|
|
|
61 |
* fallback set of configuration options.
|
|
|
62 |
*
|
|
|
63 |
* This provider is automatically wrapped in a memoize function that caches
|
|
|
64 |
* previously provided config options.
|
|
|
65 |
*
|
|
|
66 |
* @param array $config
|
|
|
67 |
*
|
|
|
68 |
* @return callable
|
|
|
69 |
*/
|
|
|
70 |
public static function defaultProvider(array $config = [])
|
|
|
71 |
{
|
|
|
72 |
$configProviders = [self::env()];
|
|
|
73 |
if (
|
|
|
74 |
!isset($config['use_aws_shared_config_files'])
|
|
|
75 |
|| $config['use_aws_shared_config_files'] != false
|
|
|
76 |
) {
|
|
|
77 |
$configProviders[] = self::ini();
|
|
|
78 |
}
|
|
|
79 |
$configProviders[] = self::fallback($config['region']);
|
|
|
80 |
|
|
|
81 |
$memo = self::memoize(
|
|
|
82 |
call_user_func_array([ConfigurationProvider::class, 'chain'], $configProviders)
|
|
|
83 |
);
|
|
|
84 |
|
|
|
85 |
if (isset($config['use_fips_endpoint'])
|
|
|
86 |
&& $config['use_fips_endpoint'] instanceof CacheInterface
|
|
|
87 |
) {
|
|
|
88 |
return self::cache($memo, $config['use_fips_endpoint'], self::$cacheKey);
|
|
|
89 |
}
|
|
|
90 |
|
|
|
91 |
return $memo;
|
|
|
92 |
}
|
|
|
93 |
|
|
|
94 |
/**
|
|
|
95 |
* Provider that creates config from environment variables.
|
|
|
96 |
*
|
|
|
97 |
* @return callable
|
|
|
98 |
*/
|
|
|
99 |
public static function env()
|
|
|
100 |
{
|
|
|
101 |
return function () {
|
|
|
102 |
// Use config from environment variables, if available
|
|
|
103 |
$useFipsEndpoint = getenv(self::ENV_USE_FIPS_ENDPOINT);
|
|
|
104 |
if (!empty($useFipsEndpoint)) {
|
|
|
105 |
return Promise\Create::promiseFor(
|
|
|
106 |
new Configuration($useFipsEndpoint)
|
|
|
107 |
);
|
|
|
108 |
}
|
|
|
109 |
|
|
|
110 |
return self::reject('Could not find environment variable config'
|
|
|
111 |
. ' in ' . self::ENV_USE_FIPS_ENDPOINT);
|
|
|
112 |
};
|
|
|
113 |
}
|
|
|
114 |
|
|
|
115 |
/**
|
|
|
116 |
* Config provider that creates config using a config file whose location
|
|
|
117 |
* is specified by an environment variable 'AWS_CONFIG_FILE', defaulting to
|
|
|
118 |
* ~/.aws/config if not specified
|
|
|
119 |
*
|
|
|
120 |
* @param string|null $profile Profile to use. If not specified will use
|
|
|
121 |
* the "default" profile.
|
|
|
122 |
* @param string|null $filename If provided, uses a custom filename rather
|
|
|
123 |
* than looking in the default directory.
|
|
|
124 |
*
|
|
|
125 |
* @return callable
|
|
|
126 |
*/
|
|
|
127 |
public static function ini($profile = null, $filename = null)
|
|
|
128 |
{
|
|
|
129 |
$filename = $filename ?: (self::getDefaultConfigFilename());
|
|
|
130 |
$profile = $profile ?: (getenv(self::ENV_PROFILE) ?: 'default');
|
|
|
131 |
|
|
|
132 |
return function () use ($profile, $filename) {
|
|
|
133 |
if (!@is_readable($filename)) {
|
|
|
134 |
return self::reject("Cannot read configuration from $filename");
|
|
|
135 |
}
|
|
|
136 |
|
|
|
137 |
// Use INI_SCANNER_NORMAL instead of INI_SCANNER_TYPED for PHP 5.5 compatibility
|
|
|
138 |
$data = \Aws\parse_ini_file($filename, true, INI_SCANNER_NORMAL);
|
|
|
139 |
if ($data === false) {
|
|
|
140 |
return self::reject("Invalid config file: $filename");
|
|
|
141 |
}
|
|
|
142 |
if (!isset($data[$profile])) {
|
|
|
143 |
return self::reject("'$profile' not found in config file");
|
|
|
144 |
}
|
|
|
145 |
if (!isset($data[$profile][self::INI_USE_FIPS_ENDPOINT])) {
|
|
|
146 |
return self::reject("Required use fips endpoint config values
|
|
|
147 |
not present in INI profile '{$profile}' ({$filename})");
|
|
|
148 |
}
|
|
|
149 |
|
|
|
150 |
// INI_SCANNER_NORMAL parses false-y values as an empty string
|
|
|
151 |
if ($data[$profile][self::INI_USE_FIPS_ENDPOINT] === "") {
|
|
|
152 |
$data[$profile][self::INI_USE_FIPS_ENDPOINT] = false;
|
|
|
153 |
}
|
|
|
154 |
|
|
|
155 |
return Promise\Create::promiseFor(
|
|
|
156 |
new Configuration($data[$profile][self::INI_USE_FIPS_ENDPOINT])
|
|
|
157 |
);
|
|
|
158 |
};
|
|
|
159 |
}
|
|
|
160 |
|
|
|
161 |
/**
|
|
|
162 |
* Fallback config options when other sources are not set.
|
|
|
163 |
*
|
|
|
164 |
* @return callable
|
|
|
165 |
*/
|
|
|
166 |
public static function fallback($region)
|
|
|
167 |
{
|
|
|
168 |
return function () use ($region) {
|
|
|
169 |
$isFipsPseudoRegion = strpos($region, 'fips-') !== false
|
|
|
170 |
|| strpos($region, '-fips') !== false;
|
|
|
171 |
if ($isFipsPseudoRegion){
|
|
|
172 |
$configuration = new Configuration(true);
|
|
|
173 |
} else {
|
|
|
174 |
$configuration = new Configuration(false);
|
|
|
175 |
}
|
|
|
176 |
return Promise\Create::promiseFor($configuration);
|
|
|
177 |
};
|
|
|
178 |
}
|
|
|
179 |
}
|