allow vendord
All checks were successful
Build, Push and Deploy / build-and-push (push) Successful in 3m3s
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 16s
Build, Push and Deploy / deploy-staging (push) Successful in 32s
Build, Push and Deploy / deploy-production (push) Has been skipped
Build, Push and Deploy / cleanup (push) Successful in 1s

This commit is contained in:
2026-03-30 14:54:57 +07:00
parent 66aed7c4e8
commit b5e3a778ce
21316 changed files with 2777892 additions and 13 deletions

View File

@@ -0,0 +1,19 @@
<?php
namespace Aws\Identity;
/**
* Denotes the use of standard AWS credentials.
*
* @internal
*/
abstract class AwsCredentialIdentity implements IdentityInterface
{
/**
* Returns a UNIX timestamp, if available, representing the expiration
* time of the AWS Credential object. Returns null if no expiration is provided.
*
* @return int|null
*/
abstract public function getExpiration();
}

View File

@@ -0,0 +1,19 @@
<?php
namespace Aws\Identity;
/**
* Denotes the use of Bearer Token credentials.
*
* @internal
*/
abstract class BearerTokenIdentity implements IdentityInterface
{
/**
* Returns a UNIX timestamp, if available, representing the expiration
* time of the Bearer Token object. Returns null if no expiration is provided.
*
* @return int|null
*/
abstract public function getExpiration();
}

View File

@@ -0,0 +1,21 @@
<?php
namespace Aws\Identity;
/**
* An Identity object is used in identifying credential types and determining how
* the SDK authenticates with a service API for requests that require a signature.
*
* @internal
*/
interface IdentityInterface
{
/**
* Returns a UNIX timestamp, if available, representing
* the expiration time of the identity object. Returns null
* if no expiration is provided.
*
* @return int|null
*/
public function getExpiration();
}

View File

@@ -0,0 +1,6 @@
<?php
namespace Aws\Identity\S3;
use Aws\Credentials\Credentials;
class S3ExpressIdentity extends Credentials {}

View File

@@ -0,0 +1,53 @@
<?php
namespace Aws\Identity\S3;
use Aws;
use Aws\LruArrayCache;
use GuzzleHttp\Promise;
class S3ExpressIdentityProvider
{
private $cache;
private $region;
private $config;
private $s3Client;
public function __construct($clientRegion, array $config = [])
{
$this->cache = new LruArrayCache(100);
$this->region = $clientRegion;
$this->config = $config;
}
public function __invoke($command)
{
$s3Client = $this->getS3Client();
$bucket = $command['Bucket'];
if ($identity = $this->cache->get($bucket)) {
if (!$identity->isExpired()) {
return Promise\Create::promiseFor($identity);
}
}
$response = $s3Client->createSession(['Bucket' => $bucket]);
$identity = new Aws\Identity\S3\S3ExpressIdentity(
$response['Credentials']['AccessKeyId'],
$response['Credentials']['SecretAccessKey'],
$response['Credentials']['SessionToken'],
$response['Credentials']['Expiration']->getTimestamp()
);
$this->cache->set($bucket, $identity);
return Promise\Create::promiseFor($identity);
}
private function getS3Client()
{
if (is_null($this->s3Client)) {
$this->s3Client = $this->config['client']
?? new Aws\S3\S3Client([
'region' => $this->region,
'disable_express_session_auth' => true
]);
}
return $this->s3Client;
}
}