1 /* 2 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"). 5 * You may not use this file except in compliance with the License. 6 * A copy of the License is located at 7 * 8 * http://aws.amazon.com/apache2.0 9 * 10 * or in the "license" file accompanying this file. This file is distributed 11 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 12 * express or implied. See the License for the specific language governing 13 * permissions and limitations under the License. 14 */ 15 16 package software.amazon.awssdk.auth.credentials; 17 18 import java.util.concurrent.CompletableFuture; 19 import software.amazon.awssdk.annotations.SdkPublicApi; 20 import software.amazon.awssdk.identity.spi.AwsCredentialsIdentity; 21 import software.amazon.awssdk.identity.spi.IdentityProvider; 22 import software.amazon.awssdk.identity.spi.ResolveIdentityRequest; 23 24 /** 25 * Interface for loading {@link AwsCredentials} that are used for authentication. 26 * 27 * <p>Commonly-used implementations include {@link StaticCredentialsProvider} for a fixed set of credentials and the 28 * {@link DefaultCredentialsProvider} for discovering credentials from the host's environment. The AWS Security Token 29 * Service (STS) client also provides implementations of this interface for loading temporary, limited-privilege credentials from 30 * AWS STS.</p> 31 */ 32 @FunctionalInterface 33 @SdkPublicApi 34 public interface AwsCredentialsProvider extends IdentityProvider<AwsCredentialsIdentity> { 35 /** 36 * Returns {@link AwsCredentials} that can be used to authorize an AWS request. Each implementation of AWSCredentialsProvider 37 * can choose its own strategy for loading credentials. For example, an implementation might load credentials from an existing 38 * key management system, or load new credentials when credentials are rotated. 39 * 40 * <p>If an error occurs during the loading of credentials or credentials could not be found, a runtime exception will be 41 * raised.</p> 42 * 43 * @return AwsCredentials which the caller can use to authorize an AWS request. 44 */ resolveCredentials()45 AwsCredentials resolveCredentials(); 46 47 @Override identityType()48 default Class<AwsCredentialsIdentity> identityType() { 49 return AwsCredentialsIdentity.class; 50 } 51 52 @Override resolveIdentity(ResolveIdentityRequest request)53 default CompletableFuture<AwsCredentialsIdentity> resolveIdentity(ResolveIdentityRequest request) { 54 return CompletableFuture.completedFuture(resolveCredentials()); 55 } 56 } 57