diff --git a/aws/config.go b/aws/config.go index dcba81fa..378905c2 100644 --- a/aws/config.go +++ b/aws/config.go @@ -18,14 +18,7 @@ import ( // endpoint) or fully valid endpoint with dummy region assumed (e.g // for URLs to emulated services). func ConfigFromURL(awsURL *url.URL) (*aws.Config, error) { - if awsURL.User == nil { - return nil, fmt.Errorf("must specify escaped Access Key & Secret Access in URL") - } - - password, _ := awsURL.User.Password() - creds := credentials.NewStaticCredentials(awsURL.User.Username(), password, "") config := aws.NewConfig(). - WithCredentials(creds). // Use a custom http.Client with the golang defaults but also specifying // MaxIdleConnsPerHost because of a bug in golang https://github.com/golang/go/issues/13801 // where MaxIdleConnsPerHost does not work as expected. @@ -44,6 +37,13 @@ func ConfigFromURL(awsURL *url.URL) (*aws.Config, error) { ExpectContinueTimeout: 1 * time.Second, }, }) + + if awsURL.User != nil { + password, _ := awsURL.User.Password() + creds := credentials.NewStaticCredentials(awsURL.User.Username(), password, "") + config = config.WithCredentials(creds) + } + if strings.Contains(awsURL.Host, ".") { return config.WithEndpoint(fmt.Sprintf("http://%s", awsURL.Host)).WithRegion("dummy"), nil } diff --git a/aws/config_test.go b/aws/config_test.go index 01a11a2c..2910a6da 100644 --- a/aws/config_test.go +++ b/aws/config_test.go @@ -2,6 +2,7 @@ package aws import ( "net/url" + "strconv" "testing" "github.com/stretchr/testify/assert" @@ -9,14 +10,12 @@ import ( ) func TestAWSConfigFromURL(t *testing.T) { - for _, tc := range []struct { + for i, tc := range []struct { url string expectedKey string expectedSecret string expectedRegion string expectedEp string - - expectedNotSpecifiedUserErr bool }{ { "s3://abc:123@s3.default.svc.cluster.local:4569", @@ -24,7 +23,6 @@ func TestAWSConfigFromURL(t *testing.T) { "123", "dummy", "http://s3.default.svc.cluster.local:4569", - false, }, { "dynamodb://user:pass@dynamodb.default.svc.cluster.local:8000/cortex", @@ -32,25 +30,14 @@ func TestAWSConfigFromURL(t *testing.T) { "pass", "dummy", "http://dynamodb.default.svc.cluster.local:8000", - false, - }, - { - // Not escaped password. - "s3://abc:123/@s3.default.svc.cluster.local:4569", - "", - "", - "", - "", - true, }, { - // Not escaped username. - "s3://abc/:123@s3.default.svc.cluster.local:4569", - "", - "", + // No credentials. + "s3://s3.default.svc.cluster.local:4569", "", "", - true, + "dummy", + "http://s3.default.svc.cluster.local:4569", }, { "s3://keyWithEscapedSlashAtTheEnd%2F:%24%2C%26%2C%2B%2C%27%2C%2F%2C%3A%2C%3B%2C%3D%2C%3F%2C%40@eu-west-2/bucket1", @@ -58,32 +45,32 @@ func TestAWSConfigFromURL(t *testing.T) { "$,&,+,',/,:,;,=,?,@", "eu-west-2", "", - false, }, } { - parsedURL, err := url.Parse(tc.url) - require.NoError(t, err) - - cfg, err := ConfigFromURL(parsedURL) - if tc.expectedNotSpecifiedUserErr { - require.Error(t, err) - continue - } - require.NoError(t, err) + t.Run(strconv.Itoa(i), func(t *testing.T) { + parsedURL, err := url.Parse(tc.url) + require.NoError(t, err) - require.NotNil(t, cfg.Credentials) - val, err := cfg.Credentials.Get() - require.NoError(t, err) + cfg, err := ConfigFromURL(parsedURL) + require.NoError(t, err) - assert.Equal(t, tc.expectedKey, val.AccessKeyID) - assert.Equal(t, tc.expectedSecret, val.SecretAccessKey) + if cfg.Credentials == nil { + assert.Equal(t, "", tc.expectedKey) + assert.Equal(t, "", tc.expectedSecret) + } else { + val, err := cfg.Credentials.Get() + require.NoError(t, err) + assert.Equal(t, tc.expectedKey, val.AccessKeyID) + assert.Equal(t, tc.expectedSecret, val.SecretAccessKey) + } - require.NotNil(t, cfg.Region) - assert.Equal(t, tc.expectedRegion, *cfg.Region) + require.NotNil(t, cfg.Region) + assert.Equal(t, tc.expectedRegion, *cfg.Region) - if tc.expectedEp != "" { - require.NotNil(t, cfg.Endpoint) - assert.Equal(t, tc.expectedEp, *cfg.Endpoint) - } + if tc.expectedEp != "" { + require.NotNil(t, cfg.Endpoint) + assert.Equal(t, tc.expectedEp, *cfg.Endpoint) + } + }) } }