Support passing ClientConfiguration to web identity credentials provider.

teo-tsirpanis · teo-tsirpanis · commit 37c8c1de9bcc · 2024-09-20T02:07:27.000+03:00
diff --git a/src/aws-cpp-sdk-core/include/aws/core/auth/STSCredentialsProvider.h b/src/aws-cpp-sdk-core/include/aws/core/auth/STSCredentialsProvider.h
@@ -25,7 +25,7 @@ namespace Aws
         class AWS_CORE_API STSAssumeRoleWebIdentityCredentialsProvider : public AWSCredentialsProvider
         {
         public:
-            STSAssumeRoleWebIdentityCredentialsProvider();
+            STSAssumeRoleWebIdentityCredentialsProvider(Aws::Client::ClientConfiguration config = {});
 
             /**
              * Retrieves the credentials if found, otherwise returns empty credential set.
diff --git a/src/aws-cpp-sdk-core/source/auth/STSCredentialsProvider.cpp b/src/aws-cpp-sdk-core/source/auth/STSCredentialsProvider.cpp
@@ -32,7 +32,7 @@ using Aws::Utils::Threading::WriterLockGuard;
 static const char STS_ASSUME_ROLE_WEB_IDENTITY_LOG_TAG[] = "STSAssumeRoleWithWebIdentityCredentialsProvider";
 static const int STS_CREDENTIAL_PROVIDER_EXPIRATION_GRACE_PERIOD = 5 * 1000;
 
-STSAssumeRoleWebIdentityCredentialsProvider::STSAssumeRoleWebIdentityCredentialsProvider() :
+STSAssumeRoleWebIdentityCredentialsProvider::STSAssumeRoleWebIdentityCredentialsProvider(Aws::Client::ClientConfiguration config) :
     m_initialized(false)
 {
     // check environment variables
@@ -97,15 +97,16 @@ STSAssumeRoleWebIdentityCredentialsProvider::STSAssumeRoleWebIdentityCredentials
         AWS_LOGSTREAM_DEBUG(STS_ASSUME_ROLE_WEB_IDENTITY_LOG_TAG, "Resolved session_name from profile_config or environment variable to be " << m_sessionName);
     }
 
-    Aws::Client::ClientConfiguration config;
     config.scheme = Aws::Http::Scheme::HTTPS;
     config.region = tmpRegion;
 
-    Aws::Vector<Aws::String> retryableErrors;
-    retryableErrors.push_back("IDPCommunicationError");
-    retryableErrors.push_back("InvalidIdentityToken");
+    if (config.retryStrategy == nullptr) {
+        Aws::Vector<Aws::String> retryableErrors;
+        retryableErrors.push_back("IDPCommunicationError");
+        retryableErrors.push_back("InvalidIdentityToken");
 
-    config.retryStrategy = Aws::MakeShared<SpecifiedRetryableErrorsRetryStrategy>(STS_ASSUME_ROLE_WEB_IDENTITY_LOG_TAG, retryableErrors, 3/*maxRetries*/);
+        config.retryStrategy = Aws::MakeShared<SpecifiedRetryableErrorsRetryStrategy>(STS_ASSUME_ROLE_WEB_IDENTITY_LOG_TAG, retryableErrors, 3/*maxRetries*/);
+    }
 
     m_client = Aws::MakeUnique<Aws::Internal::STSCredentialsClient>(STS_ASSUME_ROLE_WEB_IDENTITY_LOG_TAG, config);
     m_initialized = true;

Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,7 @@ namespace Aws`
`25`	`25`	`class AWS_CORE_API STSAssumeRoleWebIdentityCredentialsProvider : public AWSCredentialsProvider`
`26`	`26`	`{`
`27`	`27`	`public:`
`28`		`- STSAssumeRoleWebIdentityCredentialsProvider();`
	`28`	`+ STSAssumeRoleWebIdentityCredentialsProvider(Aws::Client::ClientConfiguration config = {});`
`29`	`29`
`30`	`30`	`/**`
`31`	`31`	`* Retrieves the credentials if found, otherwise returns empty credential set.`