module Amazonka.Auth
(
Auth (..),
withAuth,
discover,
runCredentialChain,
fromKeys,
fromSession,
fromTemporarySession,
fromKeysEnv,
fromFilePath,
fromFileEnv,
fromContainer,
fromContainerEnv,
fromAssumedRole,
fromWebIdentity,
fromWebIdentityEnv,
fromDefaultInstanceProfile,
fromNamedInstanceProfile,
fromSSO,
AccessKey (..),
SecretKey (..),
SessionToken (..),
AsAuthError (..),
AuthError (..),
Env,
EnvNoAuth,
Env' (..),
)
where
import Amazonka.Auth.ConfigFile (fromFileEnv, fromFilePath)
import Amazonka.Auth.Container (fromContainer, fromContainerEnv)
import Amazonka.Auth.Exception
import Amazonka.Auth.InstanceProfile (fromDefaultInstanceProfile, fromNamedInstanceProfile)
import Amazonka.Auth.Keys (fromKeys, fromKeysEnv, fromSession, fromTemporarySession)
import Amazonka.Auth.SSO (fromSSO)
import Amazonka.Auth.STS (fromAssumedRole, fromWebIdentity, fromWebIdentityEnv)
import Amazonka.Core.Lens.Internal (catching_)
import Amazonka.EC2.Metadata
import Amazonka.Env (Env, Env' (..), EnvNoAuth)
import Amazonka.Prelude
import Amazonka.Types
import Control.Monad.Catch (MonadCatch (..), throwM)
-- | Try the built-in credential providers in a fixed order and return the
-- 'Env' produced by the first one that succeeds.
--
-- The order is 'fromKeysEnv', 'fromFileEnv', 'fromWebIdentityEnv',
-- 'fromContainerEnv' and finally 'fromDefaultInstanceProfile'. The last one is
-- only attempted when 'isEC2' reports 'True' for the environment's HTTP
-- 'manager'.
--
-- Security note: the first provider that succeeds decides which identity the
-- process runs as, and 'runCredentialChain' discards the 'AuthError' raised by
-- every provider tried before it. A broken or unexpected higher-priority
-- source therefore falls through silently to a lower-priority one. Code that
-- must run under one specific identity should call that provider directly
-- instead of relying on discovery.
--
-- Throws 'CredentialChainExhausted' when no provider succeeds.
discover ::
  (MonadCatch m, MonadIO m, Foldable withAuth) =>
  Env' withAuth ->
  m Env
discover = runCredentialChain providers
  where
    -- Priority order matters: earlier entries shadow later ones.
    providers =
      [ fromKeysEnv,
        fromFileEnv,
        fromWebIdentityEnv,
        fromContainerEnv,
        instanceProfileOnEC2
      ]

    -- Off EC2 this raises 'CredentialChainExhausted' rather than asking for an
    -- instance profile. That is an 'AuthError', so the chain treats it like any
    -- other failed provider.
    -- NOTE(review): presumably this avoids querying the instance metadata
    -- service on hosts that do not have one; confirm against 'isEC2'.
    instanceProfileOnEC2 env =
      isEC2 (manager env) >>= \onEC2 ->
        if onEC2
          then fromDefaultInstanceProfile env
          else throwM CredentialChainExhausted
-- | Run a list of credential providers against @env@, left to right, and
-- return the result of the first one that does not fail with an 'AuthError'.
--
-- When a provider throws an exception matching the '_AuthError' prism, that
-- exception is dropped and the rest of the chain is tried. Exceptions that do
-- not match '_AuthError' are not handled here. Once the list is empty,
-- 'CredentialChainExhausted' is thrown.
--
-- Security note: because each provider's own 'AuthError' is discarded, the
-- final 'CredentialChainExhausted' carries no record of why earlier providers
-- were rejected, and a caller cannot tell which entry in the chain supplied
-- the credentials. Order the list from most to least trusted source, and log
-- per-provider failures in the providers themselves if an audit trail is
-- needed.
runCredentialChain :: MonadCatch m => [a -> m b] -> a -> m b
runCredentialChain [] _ =
  throwM CredentialChainExhausted
runCredentialChain (provider : remaining) env =
  -- The fallback action is the remainder of the chain; it only runs if
  -- @provider env@ raised an 'AuthError'.
  catching_ _AuthError (provider env) (runCredentialChain remaining env)