ホーム エクスプローラ ヘルプ
サインイン
urbanu619
/
yunbaolive
1
0
フォーク 0
ファイル 課題 0 プルリクエスト 0 Wiki
ツリー: a28ddc4840
ブランチ タグ
yunbaolive
/
web
/
sdk
/
aws
/
Aws
/
Rds
/
AuthTokenGenerator.php

AuthTokenGenerator.php 2.1 KB
履歴 Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. <?php
    2. 

  2. namespace Aws\Rds;
    3. 

  3. 

  4. use Aws\Credentials\CredentialsInterface;
    5. 

  5. use Aws\Credentials\Credentials;
    6. 

  6. use Aws\Signature\SignatureV4;
    7. 

  7. use GuzzleHttp\Psr7\Request;
    8. 

  8. use GuzzleHttp\Psr7\Uri;
    9. 

  9. use GuzzleHttp\Promise;
    10. 

  10. use Aws;
    11. 

  11. 

  12. /**
    13. 

  13.  * Generates RDS auth tokens for use with IAM authentication.
    14. 

  14.  */
    15. 

  15. class AuthTokenGenerator
    16. 

  16. {
    17. 

  17. 

  18.     private $credentialProvider;
    19. 

  19. 

  20.     /**
    21. 

  21.      * The constructor takes an instance of Credentials or a CredentialProvider
    22. 

  22.      *
    23. 

  23.      * @param callable|Credentials $creds
    24. 

  24.      */
    25. 

  25.     public function __construct($creds)
    26. 

  26.     {
    27. 

  27.         if ($creds instanceof CredentialsInterface) {
    28. 

  28.             if (!function_exists('Aws\constantly')) {
    29. 

  29.                 $promise = new Promise\FulfilledPromise($creds);
    30. 

  30.                 $this->credentialProvider = Aws\constantly($promise);
    31. 

  31.             }
    32. 

  32.         } else {
    33. 

  33.             $this->credentialProvider = $creds;
    34. 

  34.         }
    35. 

  35.     }
    36. 

  36. 

  37.     /**
    38. 

  38.      * Create the token for database login
    39. 

  39.      *
    40. 

  40.      * @param string $endpoint The database hostname with port number specified
    41. 

  41.      *                         (e.g., host:port)
    42. 

  42.      * @param string $region The region where the database is located
    43. 

  43.      * @param string $username The username to login as
    44. 

  44.      * @param int $lifetime The lifetime of the token in minutes
    45. 

  45.      *
    46. 

  46.      * @return string Token generated
    47. 

  47.      */
    48. 

  48.     public function createToken($endpoint, $region, $username, $lifetime = 15)
    49. 

  49.     {
    50. 

  50.         if (!is_numeric($lifetime) || $lifetime > 15 || $lifetime <= 0) {
    51. 

  51.             throw new \InvalidArgumentException(
    52. 

  52.                 "Lifetime must be a positive number less than or equal to 15, was {$lifetime}"
    53. 

  53.             );
    54. 

  54.         }
    55. 

  55. 

  56.         $uri = new Uri($endpoint);
    57. 

  57.         $uri = $uri->withPath('/');
    58. 

  58.         $uri = $uri->withQuery('Action=connect&DBUser=' . $username);
    59. 

  59. 

  60.         $request = new Request('GET', $uri);
    61. 

  61.         $signer = new SignatureV4('rds-db', $region);
    62. 

  62.         $provider = $this->credentialProvider;
    63. 

  63. 

  64.         $url = (string) $signer->presign(
    65. 

  65.             $request,
    66. 

  66.             $provider()->wait(),
    67. 

  67.             '+' . $lifetime . ' minutes'
    68. 

  68.         )->getUri();
    69. 

  69. 

  70.         // Remove 2 extra slash from the presigned url result
    71. 

  71.         return substr($url, 2);
    72. 

  72.     }
    73. 

  73. }
    74.