S3ExpressIdentityProvider.php
55 lines
| 1 | <?php |
| 2 | namespace Aws\Identity\S3; |
| 3 | |
| 4 | use Aws; |
| 5 | use Aws\LruArrayCache; |
| 6 | use GuzzleHttp\Promise; |
| 7 | |
| 8 | class S3ExpressIdentityProvider |
| 9 | { |
| 10 | |
| 11 | private $cache; |
| 12 | private $region; |
| 13 | private $config; |
| 14 | private $s3Client; |
| 15 | public function __construct($clientRegion, array $config = []) |
| 16 | { |
| 17 | $this->cache = new LruArrayCache(100); |
| 18 | $this->region = $clientRegion; |
| 19 | $this->config = $config; |
| 20 | } |
| 21 | |
| 22 | public function __invoke($command) |
| 23 | { |
| 24 | $s3Client = $this->getS3Client(); |
| 25 | $bucket = $command['Bucket']; |
| 26 | if ($identity = $this->cache->get($bucket)) { |
| 27 | if (!$identity->isExpired()) { |
| 28 | return Promise\Create::promiseFor($identity); |
| 29 | } |
| 30 | } |
| 31 | $response = $s3Client->createSession(['Bucket' => $bucket]); |
| 32 | $identity = new Aws\Identity\S3\S3ExpressIdentity( |
| 33 | $response['Credentials']['AccessKeyId'], |
| 34 | $response['Credentials']['SecretAccessKey'], |
| 35 | $response['Credentials']['SessionToken'], |
| 36 | $response['Credentials']['Expiration']->getTimestamp() |
| 37 | ); |
| 38 | $this->cache->set($bucket, $identity); |
| 39 | return Promise\Create::promiseFor($identity); |
| 40 | } |
| 41 | |
| 42 | private function getS3Client() |
| 43 | { |
| 44 | if (is_null($this->s3Client)) { |
| 45 | $this->s3Client = isset($this->config['client']) |
| 46 | ? $this->config['client'] // internal use only |
| 47 | : new Aws\S3\S3Client([ |
| 48 | 'region' => $this->region, |
| 49 | 'disable_express_session_auth' => true |
| 50 | ]); |
| 51 | } |
| 52 | return $this->s3Client; |
| 53 | } |
| 54 | } |
| 55 |