Skip to content

Commit

Permalink
remove the use of try for StsClient to avoid closing the client prema…
Browse files Browse the repository at this point in the history 
…turely
  • Loading branch information
@hu-ahmed
hu-ahmed committed Sep 18, 2024
1 parent 01fdc5a commit 5ab6b17
Showing 1 changed file with 16 additions and 17 deletions.
33 changes: 16 additions & 17 deletions ...java/org/eclipse/ditto/internal/utils/persistence/mongo/auth/AwsAuthenticationHelper.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,25 +61,24 @@ public static MongoCredential provideAwsIamBasedMongoCredential(
}

final Supplier<AwsCredential> awsFreshCredentialSupplier;
try (final StsClient stsClient = stsClientBuilder.build()) {
awsFreshCredentialSupplier = () -> {
LOGGER.info("Supplying AWS IAM credentials, assuming role <{}> in session name <{}>",
awsRoleArn, awsSessionName);
final StsClient stsClient = stsClientBuilder.build();
awsFreshCredentialSupplier = () -> {
LOGGER.info("Supplying AWS IAM credentials, assuming role <{}> in session name <{}>",
awsRoleArn, awsSessionName);

// assume role using the AWS SDK
final AssumeRoleRequest roleRequest = AssumeRoleRequest.builder()
.roleArn(awsRoleArn)
.roleSessionName(awsSessionName)
.build();
final AssumeRoleResponse roleResponse = stsClient.assumeRole(roleRequest);
final Credentials awsCredentials = roleResponse.credentials();
// assume role using the AWS SDK
final AssumeRoleRequest roleRequest = AssumeRoleRequest.builder()
.roleArn(awsRoleArn)
.roleSessionName(awsSessionName)
.build();
final AssumeRoleResponse roleResponse = stsClient.assumeRole(roleRequest);
final Credentials awsCredentials = roleResponse.credentials();

return new AwsCredential(awsCredentials.accessKeyId(), awsCredentials.secretAccessKey(),
awsCredentials.sessionToken());
};
return new AwsCredential(awsCredentials.accessKeyId(), awsCredentials.secretAccessKey(),
awsCredentials.sessionToken());
};

return MongoCredential.createAwsCredential(null, null)
.withMechanismProperty(MongoCredential.AWS_CREDENTIAL_PROVIDER_KEY, awsFreshCredentialSupplier);
}
return MongoCredential.createAwsCredential(null, null)
.withMechanismProperty(MongoCredential.AWS_CREDENTIAL_PROVIDER_KEY, awsFreshCredentialSupplier);
}
}

0 comments on commit 5ab6b17

Please sign in to comment.