fix proxy for credentials

.github/workflows/go.yml

@@ -39,6 +39,7 @@ jobs:
         make install
         bash ./integration/vpc_test.sh
         bash ./integration/oss_test.sh
+        bash ./integration/https_proxy.sh
       if: env.ACCESS_KEY_ID != '' && env.ACCESS_KEY_SECRET != '' && matrix.os != 'windows-latest'
       env:
         ACCESS_KEY_ID: ${{ secrets.ACCESS_KEY_ID }}

config/hello.go

@@ -24,7 +24,7 @@ import (
 )
 
 func doHello(ctx *cli.Context, profile *Profile) (err error) {
-	credential, err := profile.GetCredential(ctx, tea.String(""))
+	credential, err := profile.GetCredential(ctx, nil)
 	if err != nil {
 		return
 	}

config/profile.go

@@ -279,8 +279,7 @@ func (cp *Profile) GetCredential(ctx *cli.Context, proxyHost *string) (cred cred
 			SetRoleArn(cp.RamRoleArn).
 			SetRoleSessionName(cp.RoleSessionName).
 			SetRoleSessionExpiration(cp.ExpiredSeconds).
-			SetSTSEndpoint(getSTSEndpoint(cp.StsRegion)).
-			SetProxy(*proxyHost)
+			SetSTSEndpoint(getSTSEndpoint(cp.StsRegion))
 
 		if cp.StsToken != "" {
 			config.SetSecurityToken(cp.StsToken)
@@ -318,8 +317,7 @@ func (cp *Profile) GetCredential(ctx *cli.Context, proxyHost *string) (cred cred
 			SetRoleArn(cp.RamRoleArn).
 			SetRoleSessionName(cp.RoleSessionName).
 			SetRoleSessionExpiration(cp.ExpiredSeconds).
-			SetSTSEndpoint(getSTSEndpoint(cp.StsRegion)).
-			SetProxy(*proxyHost)
+			SetSTSEndpoint(getSTSEndpoint(cp.StsRegion))
 
 	case ChainableRamRoleArn:
 		profileName := cp.SourceProfile
@@ -352,8 +350,7 @@ func (cp *Profile) GetCredential(ctx *cli.Context, proxyHost *string) (cred cred
 			SetRoleArn(cp.RamRoleArn).
 			SetRoleSessionName(cp.RoleSessionName).
 			SetRoleSessionExpiration(cp.ExpiredSeconds).
-			SetSTSEndpoint(getSTSEndpoint(cp.StsRegion)).
-			SetProxy(*proxyHost)
+			SetSTSEndpoint(getSTSEndpoint(cp.StsRegion))
 
 		if model.SecurityToken != nil {
 			config.SetSecurityToken(*model.SecurityToken)
@@ -430,13 +427,21 @@ func (cp *Profile) GetCredential(ctx *cli.Context, proxyHost *string) (cred cred
 			SetRoleArn(cp.RamRoleArn).
 			SetRoleSessionName(cp.RoleSessionName).
 			SetSTSEndpoint(getSTSEndpoint(cp.StsRegion)).
-			SetSessionExpiration(3600).
-			SetProxy(*proxyHost)
+			SetSessionExpiration(3600)
 
 	default:
 		return nil, fmt.Errorf("unexcepted certificate mode: %s", cp.Mode)
 	}
 
+	if proxyHost != nil {
+		config.SetProxy(*proxyHost)
+	} else {
+		proxy := util.GetFromEnv("HTTPS_PROXY", "https_proxy")
+		if proxy != "" {
+			config.SetProxy(proxy)
+		}
+	}
+
 	return credentialsv2.NewCredential(config)
 }
 

config/profile_test.go

@@ -18,7 +18,6 @@ import (
 	"os"
 	"testing"
 
-	"github.com/alibabacloud-go/tea/tea"
 	"github.com/aliyun/aliyun-cli/cli"
 
 	"github.com/stretchr/testify/assert"
@@ -426,17 +425,17 @@ func TestGetCredentialByAK(t *testing.T) {
 
 	actual.Mode = AK
 	actual.AccessKeyId = "accessKeyId"
-	credential, err := actual.GetCredential(newCtx(), tea.String(""))
+	credential, err := actual.GetCredential(newCtx(), nil)
 	assert.Nil(t, credential)
 	assert.EqualError(t, err, "AccessKeyId/AccessKeySecret is empty! run `aliyun configure` first")
 
 	actual.AccessKeySecret = "accessKeySecret"
-	credential, err = actual.GetCredential(newCtx(), tea.String(""))
+	credential, err = actual.GetCredential(newCtx(), nil)
 	assert.Nil(t, credential)
 	assert.EqualError(t, err, "default RegionId is empty! run `aliyun configure` first")
 
 	actual.RegionId = "cn-hangzhou"
-	credential, err = actual.GetCredential(newCtx(), tea.String(""))
+	credential, err = actual.GetCredential(newCtx(), nil)
 	assert.Nil(t, err)
 	assert.NotNil(t, credential)
 
@@ -447,22 +446,22 @@ func TestGetCredentialBySts(t *testing.T) {
 	actual := newProfile()
 
 	actual.Mode = StsToken
-	credential, err := actual.GetCredential(newCtx(), tea.String(""))
+	credential, err := actual.GetCredential(newCtx(), nil)
 	assert.Nil(t, credential)
 	assert.EqualError(t, err, "AccessKeyId cannot be empty")
 
 	actual.AccessKeyId = "akid"
-	credential, err = actual.GetCredential(newCtx(), tea.String(""))
+	credential, err = actual.GetCredential(newCtx(), nil)
 	assert.Nil(t, credential)
 	assert.EqualError(t, err, "AccessKeySecret cannot be empty")
 
 	actual.AccessKeySecret = "aksecret"
-	credential, err = actual.GetCredential(newCtx(), tea.String(""))
+	credential, err = actual.GetCredential(newCtx(), nil)
 	assert.Nil(t, credential)
 	assert.EqualError(t, err, "SecurityToken cannot be empty")
 
 	actual.StsToken = "ststoken"
-	credential, err = actual.GetCredential(newCtx(), tea.String(""))
+	credential, err = actual.GetCredential(newCtx(), nil)
 	assert.Nil(t, err)
 	assert.NotNil(t, credential)
 
@@ -501,7 +500,7 @@ func TestGetProfileWithChainable(t *testing.T) {
 	p.RamRoleArn = "acs:ram::test:role/test"
 	p.RoleSessionName = "sessionname"
 
-	c, err := p.GetCredential(newCtx(), tea.String(""))
+	c, err := p.GetCredential(newCtx(), nil)
 	assert.NotNil(t, c)
 	assert.Nil(t, err)
 }

integration/https_proxy.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+export HTTPS_PROXY=https://1.2.3.4:8080/
+
+cmd="aliyun sts GetCallerIdentity --access-key-id $ACCESS_KEY_ID --access-key-secret $ACCESS_KEY_SECRET --region $REGION_ID  2>&1"
+g_var=$(eval $cmd)
+
+err=$(echo $g_var | grep -i -e "proxyconnect tcp" -e "timeout")
+
+if [[ $err == "" ]]
+then
+    exit 1
+fi
+
+exit 0

openapi/invoker.go

@@ -19,7 +19,6 @@ import (
 	"strings"
 	"time"
 
-	"github.com/alibabacloud-go/tea/tea"
 	"github.com/aliyun/alibaba-cloud-sdk-go/sdk"
 	"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth"
 	"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials"
@@ -32,10 +31,11 @@ import (
 )
 
 func GetClient(cp *config.Profile, ctx *cli.Context) (client *sdk.Client, err error) {
-	credential, err := cp.GetCredential(ctx, tea.String(""))
+	credential, err := cp.GetCredential(ctx, nil)
 	if err != nil {
 		return
 	}
+
 	model, err := credential.GetCredential()
 	if err != nil {
 		return