Ir a la última revisión | Autoría | Comparar con el anterior | Ultima modificación | Ver Log |
<?phpnamespace Aws\Rds;use Aws\Credentials\CredentialsInterface;use Aws\Credentials\Credentials;use Aws\Signature\SignatureV4;use GuzzleHttp\Psr7\Request;use GuzzleHttp\Psr7\Uri;use GuzzleHttp\Promise;use Aws;/*** Generates RDS auth tokens for use with IAM authentication.*/class AuthTokenGenerator{private $credentialProvider;/*** The constructor takes an instance of Credentials or a CredentialProvider** @param callable|Credentials $creds*/public function __construct($creds){if ($creds instanceof CredentialsInterface) {$promise = new Promise\FulfilledPromise($creds);$this->credentialProvider = Aws\constantly($promise);} else {$this->credentialProvider = $creds;}}/*** Create the token for database login** @param string $endpoint The database hostname with port number specified* (e.g., host:port)* @param string $region The region where the database is located* @param string $username The username to login as* @param int $lifetime The lifetime of the token in minutes** @return string Token generated*/public function createToken($endpoint, $region, $username, $lifetime = 15){if (!is_numeric($lifetime) || $lifetime > 15 || $lifetime <= 0) {throw new \InvalidArgumentException("Lifetime must be a positive number less than or equal to 15, was {$lifetime}",null);}$uri = new Uri($endpoint);$uri = $uri->withPath('/');$uri = $uri->withQuery('Action=connect&DBUser=' . $username);$request = new Request('GET', $uri);$signer = new SignatureV4('rds-db', $region);$provider = $this->credentialProvider;$url = (string) $signer->presign($request,$provider()->wait(),'+' . $lifetime . ' minutes')->getUri();// Remove 2 extra slash from the presigned url resultreturn substr($url, 2);}}