diff --git a/oauth2_http/java/com/google/auth/oauth2/AwsRequestSigner.java b/oauth2_http/java/com/google/auth/oauth2/AwsRequestSigner.java index a890c8814..baf855124 100644 --- a/oauth2_http/java/com/google/auth/oauth2/AwsRequestSigner.java +++ b/oauth2_http/java/com/google/auth/oauth2/AwsRequestSigner.java @@ -237,8 +237,8 @@ private Map getCanonicalHeaders(String defaultDate) { headers.put("x-amz-date", defaultDate); } - if (awsSecurityCredentials.getToken() != null && !awsSecurityCredentials.getToken().isEmpty()) { - headers.put("x-amz-security-token", awsSecurityCredentials.getToken()); + if (awsSecurityCredentials.getSessionToken() != null && !awsSecurityCredentials.getSessionToken().isEmpty()) { + headers.put("x-amz-security-token", awsSecurityCredentials.getSessionToken()); } // Add all additional headers. diff --git a/oauth2_http/java/com/google/auth/oauth2/AwsSecurityCredentials.java b/oauth2_http/java/com/google/auth/oauth2/AwsSecurityCredentials.java index b7865049a..ddbaf338f 100644 --- a/oauth2_http/java/com/google/auth/oauth2/AwsSecurityCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/AwsSecurityCredentials.java @@ -37,29 +37,48 @@ * Defines AWS security credentials. These are either retrieved from the AWS security_credentials * endpoint or AWS environment variables. */ -class AwsSecurityCredentials { +public class AwsSecurityCredentials { private final String accessKeyId; private final String secretAccessKey; - @Nullable private final String token; + @Nullable private final String sessionToken; - AwsSecurityCredentials(String accessKeyId, String secretAccessKey, @Nullable String token) { + /** + * Constructor for AWSSecurityCredentials. + * + * @param accessKeyId the AWS access Key Id. + * @param secretAccessKey the AWS secret access key. + * @param sessionToken the AWS session token. Optional. + */ + public AwsSecurityCredentials(String accessKeyId, String secretAccessKey, @Nullable String sessionToken) { this.accessKeyId = accessKeyId; this.secretAccessKey = secretAccessKey; - this.token = token; + this.sessionToken = sessionToken; } - String getAccessKeyId() { + /** + * Gets the AWS access key id. + * @return the AWS access key id. + */ + public String getAccessKeyId() { return accessKeyId; } - String getSecretAccessKey() { + /** + * Gets the AWS secret access key. + * @return the AWS secret access key. + */ + public String getSecretAccessKey() { return secretAccessKey; } + /** + * Gets the AWS session token. + * @return the AWS session token. + */ @Nullable - String getToken() { - return token; + public String getSessionToken() { + return sessionToken; } } diff --git a/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java index d4bb90c0d..c56c8bdae 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java @@ -723,7 +723,7 @@ public void getAwsSecurityCredentials_fromEnvironmentVariablesNoToken() throws I assertEquals("awsAccessKeyId", credentials.getAccessKeyId()); assertEquals("awsSecretAccessKey", credentials.getSecretAccessKey()); - assertNull(credentials.getToken()); + assertNull(credentials.getSessionToken()); } @Test @@ -756,7 +756,7 @@ public void getAwsSecurityCredentials_fromEnvironmentVariablesWithToken() throws assertEquals("awsAccessKeyId", credentials.getAccessKeyId()); assertEquals("awsSecretAccessKey", credentials.getSecretAccessKey()); - assertEquals("awsSessionToken", credentials.getToken()); + assertEquals("awsSessionToken", credentials.getSessionToken()); } @Test @@ -778,7 +778,7 @@ public void getAwsSecurityCredentials_fromEnvironmentVariables_noMetadataServerC assertEquals("awsAccessKeyId", credentials.getAccessKeyId()); assertEquals("awsSecretAccessKey", credentials.getSecretAccessKey()); - assertEquals("awsSessionToken", credentials.getToken()); + assertEquals("awsSessionToken", credentials.getSessionToken()); } @Test @@ -797,7 +797,7 @@ public void getAwsSecurityCredentials_fromMetadataServer() throws IOException { assertEquals("accessKeyId", credentials.getAccessKeyId()); assertEquals("secretAccessKey", credentials.getSecretAccessKey()); - assertEquals("token", credentials.getToken()); + assertEquals("token", credentials.getSessionToken()); List requests = transportFactory.transport.getRequests(); assertEquals(2, requests.size());