Class: AliyunSDK::STS::Protocol
- Inherits:
-
Object
- Object
- AliyunSDK::STS::Protocol
- Includes:
- Common::Logging
- Defined in:
- lib/aliyun_sdk/sts/protocol.rb
Overview
Protocol implements the STS Open API which is low-level. User should refer to Client for normal use.
Constant Summary collapse
- ENDPOINT =
'https://sts.aliyuncs.com'
- FORMAT =
'XML'
- API_VERSION =
'2015-04-01'
- SIGNATURE_METHOD =
'HMAC-SHA1'
- SIGNATURE_VERSION =
'1.0'
Constants included from Common::Logging
Common::Logging::DEFAULT_LOG_FILE, Common::Logging::MAX_NUM_LOG, Common::Logging::ROTATE_SIZE
Instance Method Summary collapse
-
#assume_role(role, session, policy = nil, duration = 3600) ⇒ STS::Token
Assume a role.
-
#initialize(config) ⇒ Protocol
constructor
A new instance of Protocol.
Methods included from Common::Logging
#logger, set_log_file, set_log_level
Constructor Details
#initialize(config) ⇒ Protocol
Returns a new instance of Protocol.
22 23 24 |
# File 'lib/aliyun_sdk/sts/protocol.rb', line 22 def initialize(config) @config = config end |
Instance Method Details
#assume_role(role, session, policy = nil, duration = 3600) ⇒ STS::Token
Assume a role
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
# File 'lib/aliyun_sdk/sts/protocol.rb', line 33 def assume_role(role, session, policy = nil, duration = 3600) logger.info("Begin assume role, role: #{role}, session: #{session}, "\ "policy: #{policy}, duration: #{duration}") params = { 'Action' => 'AssumeRole', 'RoleArn' => role, 'RoleSessionName' => session, 'DurationSeconds' => duration.to_s } params.merge!({'Policy' => policy.serialize}) if policy body = do_request(params) doc = parse_xml(body) creds_node = doc.at_css("Credentials") creds = { session_name: session, access_key_id: get_node_text(creds_node, 'AccessKeyId'), access_key_secret: get_node_text(creds_node, 'AccessKeySecret'), security_token: get_node_text(creds_node, 'SecurityToken'), expiration: get_node_text( creds_node, 'Expiration') { |x| Time.parse(x) }, } logger.info("Done assume role, creds: #{creds}") Token.new(creds) end |