我目前正在使用 AWS STS 访问 S3 资源。我第一次能够在 STS 凭证的帮助下使用 get 对象访问 S3 资源。15 分钟后,我使用 getAssumeRoleForUser 获得了新凭证。由于令牌过期异常,我无法访问 S3 资源。以下是用于执行上述过程的代码。
class CustomIdentityProvider: NSObject, AWSCredentialsProvider{
var token:String!
var awsAccessKey: String!
var awsSecretKey: String!
var awsExpiration: NSDate!
var awsRegion:String!
func credentials() -> AWSTask<AWSCredentials>{
// AWSPinpoint.
let credentials = AWSCredentials(accessKey:self.awsAccessKey, secretKey:self.awsSecretKey, sessionKey :self.token, expiration:self.awsExpiration as! Date)
return AWSTask(result:credentials)
}
func invalidateCachedTemporaryCredentials() {
print("")
}
init(accessKey: String, secretKey: String, sessionKey: String?, expiration: NSDate?) {
self.token = sessionKey
self.awsAccessKey = accessKey
self.awsSecretKey = secretKey
self.awsExpiration = expiration
}
}
//MARK - Using above provider to reset credentilas linke this- AppSessionManager.shared.checkAndApplyRefreshMechanismOn1HrsTimeAndSchedulecompletion(completion: ){ (Roledata) in
print(Roledata)
let expirationTime = Roledata.expiration
let dateFormatter = DateFormatter()
dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ssZ"
let date = dateFormatter.date(from: expirationTime )
let awsExpiration = date as NSDate?
let ProviderManager = CustomIdentityProvider(accessKey:Roledata.accessKeyId , secretKey: Roledata.secretAccessKey , sessionKey: Roledata.sessionToken , expiration: awsExpiration)
let config = AWSServiceConfiguration(region: AWSRegionType.APSouth1, credentialsProvider: ProviderManager)
AWSServiceManager.default().defaultServiceConfiguration = config
}
AWS STS token update issue while accessing the S3 resources
处理这个令牌过期问题需要什么?我这边还缺少什么设置或代码吗?