Mercurial > hg > orthanc-object-storage

changeset 53:1c3e34f5c5c6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
AWS S3: if no access & secret keys are provided, now getting the credentials from the default credentials manager
author Alain Mazy <am@osimis.io>
date Fri, 21 May 2021 09:02:53 +0200
parents 8a1dfd2d790d
children f1688e875d3e
files Aws/AwsS3StoragePlugin.cpp NEWS
diffstat 2 files changed, 21 insertions(+), 17 deletions(-) [+]
line wrap: on
line diff
--- a/Aws/AwsS3StoragePlugin.cpp	Mon Apr 26 09:42:30 2021 +0200
+++ b/Aws/AwsS3StoragePlugin.cpp	Fri May 21 09:02:53 2021 +0200
@@ -234,18 +234,6 @@
     return nullptr;
   }
 
-  if (!pluginSection.LookupStringValue(accessKey, "AccessKey"))
-  {
-    OrthancPlugins::LogError("AwsS3Storage/AccessKey configuration missing.  Unable to initialize plugin");
-    return nullptr;
-  }
-
-  if (!pluginSection.LookupStringValue(secretKey, "SecretKey"))
-  {
-    OrthancPlugins::LogError("AwsS3Storage/SecretKey configuration missing.  Unable to initialize plugin");
-    return nullptr;
-  }
-
   std::string endpoint = pluginSection.GetStringValue("Endpoint", "");
   unsigned int connectTimeout = pluginSection.GetUnsignedIntegerValue("ConnectTimeout", 30);
   unsigned int requestTimeout = pluginSection.GetUnsignedIntegerValue("RequestTimeout", 1200);
@@ -256,7 +244,6 @@
     Aws::SDKOptions options;
     Aws::InitAPI(options);
 
-    Aws::Auth::AWSCredentials credentials(accessKey.c_str(), secretKey.c_str());
     Aws::Client::ClientConfiguration configuration;
     configuration.region = region.c_str();
     configuration.scheme = Aws::Http::Scheme::HTTPS;
@@ -269,15 +256,31 @@
       configuration.endpointOverride = endpoint.c_str();
     }
 
-    Aws::S3::S3Client client(credentials, configuration, Aws::Client::AWSAuthV4Signer::PayloadSigningPolicy::Never, virtualAddressing);
+    if (pluginSection.LookupStringValue(accessKey, "AccessKey") && pluginSection.LookupStringValue(secretKey, "SecretKey"))
+    {
+      OrthancPlugins::LogInfo("AWS S3 Storage: using credentials from the configuration file");
+      Aws::Auth::AWSCredentials credentials(accessKey.c_str(), secretKey.c_str());
+      
+      Aws::S3::S3Client client(credentials, configuration, Aws::Client::AWSAuthV4Signer::PayloadSigningPolicy::Never, virtualAddressing);
+      
+      OrthancPlugins::LogInfo("AWS S3 storage initialized");
 
-    OrthancPlugins::LogInfo("AWS S3 storage initialized");
+      return new AwsS3StoragePlugin(client, bucketName, enableLegacyStorageStructure);
+    } 
+    else
+    {
+      // when using default credentials, credentials are not checked at startup but only the first time you try to access the bucket !
+      OrthancPlugins::LogInfo("AWS S3 Storage: using default credentials provider");
+      Aws::S3::S3Client client(configuration, Aws::Client::AWSAuthV4Signer::PayloadSigningPolicy::Never, virtualAddressing);
 
-    return new AwsS3StoragePlugin(client, bucketName, enableLegacyStorageStructure);
+      OrthancPlugins::LogInfo("AWS S3 storage initialized");
+
+      return new AwsS3StoragePlugin(client, bucketName, enableLegacyStorageStructure);
+    }  
   }
   catch (const std::exception& e)
   {
-    OrthancPlugins::LogError(std::string("AzureBlobStorage plugin: failed to initialize plugin: ") + e.what());
+    OrthancPlugins::LogError(std::string("AWS S3 Storage plugin: failed to initialize plugin: ") + e.what());
     return nullptr;
   }
 
--- a/NEWS	Mon Apr 26 09:42:30 2021 +0200
+++ b/NEWS	Fri May 21 09:02:53 2021 +0200
@@ -1,6 +1,7 @@
 Pending changes in the mainline
 ===============================
 
+* AWS S3: if no access & secret keys are provided, now getting the credentials from the default credentials manager
 
 2021-04-26 - v 1.2.0
 ====================