1

我目前正在使用 AWS STS 访问 S3 资源。我第一次能够在 STS 凭证的帮助下使用 get 对象访问 S3 资源。15 分钟后,我使用 getAssumeRoleForUser 获得了新凭证。这次我是由于令牌过期异常,无法访问 S3 资源。以下是用于遵循上述过程的代码。

class CustomIdentityProvider: NSObject, AWSCredentialsProvider{
    var token:String!
    var awsAccessKey: String!
    var awsSecretKey: String!
    var awsExpiration:  NSDate!
    var awsRegion:String!
    
    func credentials() -> AWSTask<AWSCredentials>{
       // AWSPinpoint.
        let credentials = AWSCredentials(accessKey:self.awsAccessKey, secretKey:self.awsSecretKey, sessionKey :self.token, expiration:self.awsExpiration as! Date)
        return AWSTask(result:credentials)
    }
    func invalidateCachedTemporaryCredentials() {
        print("")
    }
    init(accessKey: String, secretKey: String, sessionKey: String?, expiration: NSDate?) {
       self.token = sessionKey
       self.awsAccessKey = accessKey
       self.awsSecretKey = secretKey
       self.awsExpiration =  expiration
   }
}
  //MARK - Using above provider to reset credentilas linke this-    AppSessionManager.shared.checkAndApplyRefreshMechanismOn1HrsTimeAndSchedulecompletion(completion: ){ (Roledata) in

            print(Roledata)

            let expirationTime   = Roledata.expiration

            let dateFormatter = DateFormatter()

            dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ssZ"

            let date = dateFormatter.date(from: expirationTime )

            let  awsExpiration      =  date as NSDate?

            let ProviderManager = CustomIdentityProvider(accessKey:Roledata.accessKeyId , secretKey: Roledata.secretAccessKey , sessionKey: Roledata.sessionToken , expiration: awsExpiration)
   let config = AWSServiceConfiguration(region: AWSRegionType.APSouth1,    credentialsProvider: ProviderManager)

             AWSServiceManager.default().defaultServiceConfiguration = config

        }
    

访问 S3 资源时出现 AWS STS 令牌更新问题

处理此令牌过期问题需要什么?我这边是否缺少更多设置或代码?

4

0 回答 0