Página inicial Explorar Ajuda
Registrar Entrar
moonsflyer
/
yunjing_master
1
0
Fork 0
Arquivos Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
yunjing_master
/
sdk
/
aws
/
Aws
/
Rds
/
AuthTokenGenerator.php

AuthTokenGenerator.php 2.1 KB
Link permanente Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. <?php
    2. 

  2. namespace Aws\Rds;
    3. 

  3. 

  4. use Aws\Credentials\CredentialsInterface;
    5. 

  5. use Aws\Credentials\Credentials;
    6. 

  6. use Aws\Signature\SignatureV4;
    7. 

  7. use GuzzleHttp\Psr7\Request;
    8. 

  8. use GuzzleHttp\Psr7\Uri;
    9. 

  9. use GuzzleHttp\Promise;
    10. 

  10. use Aws;
    11. 

  11. 

  12. /**
    13. 

  13.  * Generates RDS auth tokens for use with IAM authentication.
    14. 

  14.  */
    15. 

  15. class AuthTokenGenerator
    16. 

  16. {
    17. 

  17. 

  18.     private $credentialProvider;
    19. 

  19. 

  20.     /**
    21. 

  21.      * The constructor takes an instance of Credentials or a CredentialProvider
    22. 

  22.      *
    23. 

  23.      * @param callable|Credentials $creds
    24. 

  24.      */
    25. 

  25.     public function __construct($creds)
    26. 

  26.     {
    27. 

  27.         if ($creds instanceof CredentialsInterface) {
    28. 

  28.             $promise = new Promise\FulfilledPromise($creds);
    29. 

  29.             $this->credentialProvider = Aws\constantly($promise);
    30. 

  30.         } else {
    31. 

  31.             $this->credentialProvider = $creds;
    32. 

  32.         }
    33. 

  33.     }
    34. 

  34. 

  35.     /**
    36. 

  36.      * Create the token for database login
    37. 

  37.      *
    38. 

  38.      * @param string $endpoint The database hostname with port number specified
    39. 

  39.      *                         (e.g., host:port)
    40. 

  40.      * @param string $region The region where the database is located
    41. 

  41.      * @param string $username The username to login as
    42. 

  42.      * @param int $lifetime The lifetime of the token in minutes
    43. 

  43.      *
    44. 

  44.      * @return string Token generated
    45. 

  45.      */
    46. 

  46.     public function createToken($endpoint, $region, $username, $lifetime = 15)
    47. 

  47.     {
    48. 

  48.         if (!is_numeric($lifetime) || $lifetime > 15 || $lifetime <= 0) {
    49. 

  49.             throw new \InvalidArgumentException(
    50. 

  50.                 "Lifetime must be a positive number less than or equal to 15, was {$lifetime}",
    51. 

  51.                 null
    52. 

  52.             );
    53. 

  53.         }
    54. 

  54. 

  55.         $uri = new Uri($endpoint);
    56. 

  56.         $uri = $uri->withPath('/');
    57. 

  57.         $uri = $uri->withQuery('Action=connect&DBUser=' . $username);
    58. 

  58. 

  59.         $request = new Request('GET', $uri);
    60. 

  60.         $signer = new SignatureV4('rds-db', $region);
    61. 

  61.         $provider = $this->credentialProvider;
    62. 

  62. 

  63.         $url = (string) $signer->presign(
    64. 

  64.             $request,
    65. 

  65.             $provider()->wait(),
    66. 

  66.             '+' . $lifetime . ' minutes'
    67. 

  67.         )->getUri();
    68. 

  68. 

  69.         // Remove 2 extra slash from the presigned url result
    70. 

  70.         return substr($url, 2);
    71. 

  71.     }
    72. 

  72. }
    73.