From a064aba92cc63047f8d937912de957b2790acf22 Mon Sep 17 00:00:00 2001
From: Octavio Martin <octavio.martin.montenegro@teamaol.com>
Date: Tue, 11 Apr 2017 18:09:06 +0100
Subject: [PATCH] Added support for BasicSessionCredentials

---
 .../BasicSessionAWSCredentialsProvider.java   | 58 +++++++++++++++++++
 .../org/apache/hadoop/fs/s3a/Constants.java   |  3 +
 .../apache/hadoop/fs/s3a/S3AFileSystem.java   |  2 +
 3 files changed, 63 insertions(+)
 create mode 100644 hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/BasicSessionAWSCredentialsProvider.java

diff --git a/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/BasicSessionAWSCredentialsProvider.java b/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/BasicSessionAWSCredentialsProvider.java
new file mode 100644
index 0000000000000..453cb0b5ab32b
--- /dev/null
+++ b/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/BasicSessionAWSCredentialsProvider.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.fs.s3a;
+
+import org.apache.commons.lang.StringUtils;
+
+import com.amazonaws.AmazonClientException;
+import com.amazonaws.auth.AWSCredentials;
+import com.amazonaws.auth.AWSCredentialsProvider;
+import com.amazonaws.auth.BasicSessionCredentials;
+
+/**
+ * Support session credentials for authenticating with AWS.
+ *
+ */
+public class BasicSessionAWSCredentialsProvider implements AWSCredentialsProvider {
+      private final String accessKey;
+      private final String secretKey;
+      private final String sessionToken;
+
+      public BasicSessionAWSCredentialsProvider(String accessKey, String secretKey, String sessionToken) {
+        this.accessKey = accessKey;
+        this.secretKey = secretKey;
+        this.sessionToken = sessionToken;
+      }
+
+      public AWSCredentials getCredentials() {
+        if (!StringUtils.isEmpty(accessKey) && !StringUtils.isEmpty(secretKey) && !StringUtils.isEmpty(sessionToken)) {
+          return new BasicSessionCredentials(accessKey, secretKey, sessionToken);
+        }
+        throw new AmazonClientException(
+            "Access key or secret or session token key is null");
+      }
+
+      public void refresh() {}
+
+      @Override
+      public String toString() {
+        return getClass().getSimpleName();
+      }
+
+    }
diff --git a/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/Constants.java b/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/Constants.java
index 3486dfbedfd72..86a3c37b44489 100644
--- a/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/Constants.java
+++ b/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/Constants.java
@@ -25,6 +25,9 @@ public class Constants {
   // s3 secret key
   public static final String SECRET_KEY = "fs.s3a.secret.key";
 
+  // s3 session token
+  public static final String SESSION_TOKEN = "fs.s3a.session.token";
+
   // number of simultaneous connections to s3
   public static final String MAXIMUM_CONNECTIONS = "fs.s3a.connection.maximum";
   public static final int DEFAULT_MAXIMUM_CONNECTIONS = 15;
diff --git a/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/S3AFileSystem.java b/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/S3AFileSystem.java
index 91a606cf1f443..ab2bae0078757 100644
--- a/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/S3AFileSystem.java
+++ b/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/S3AFileSystem.java
@@ -159,6 +159,7 @@ public void initialize(URI name, Configuration conf) throws IOException {
     // Try to get our credentials or just connect anonymously
     String accessKey = conf.get(ACCESS_KEY, null);
     String secretKey = conf.get(SECRET_KEY, null);
+    String sessionToken = conf.get(SESSION_TOKEN, null);
 
     String userInfo = name.getUserInfo();
     if (userInfo != null) {
@@ -172,6 +173,7 @@ public void initialize(URI name, Configuration conf) throws IOException {
     }
 
     AWSCredentialsProviderChain credentials = new AWSCredentialsProviderChain(
+        new BasicSessionAWSCredentialsProvider(accessKey, secretKey, sessionToken),
         new BasicAWSCredentialsProvider(accessKey, secretKey),
         new InstanceProfileCredentialsProvider(),
         new AnonymousAWSCredentialsProvider()