From d93a72b4b9e65adfbce1e51b0b6c29246b229555 Mon Sep 17 00:00:00 2001 From: Waqar Ahmed Khan Date: Wed, 10 Jan 2024 15:08:13 -0800 Subject: [PATCH] WIP use static cred if available instead of going through the chain --- source/credentials_provider_profile.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/source/credentials_provider_profile.c b/source/credentials_provider_profile.c index 219fbf0c..859014f8 100644 --- a/source/credentials_provider_profile.c +++ b/source/credentials_provider_profile.c @@ -302,15 +302,8 @@ static struct aws_credentials_provider *s_create_sts_based_provider( struct aws_credentials_provider_profile_options profile_provider_options = *options; profile_provider_options.profile_name_override = aws_byte_cursor_from_string(aws_profile_property_get_value(source_profile_property)); - // TODO: add profile to hashmap to detect recursion sts_options.creds_provider = s_credentials_provider_new_profile_internal(allocator, &profile_provider_options, source_profile_table); - // sts_options.creds_provider = s_create_profile_based_provider( - // allocator, - // credentials_file_path, - // config_file_path, - // aws_profile_property_get_value(source_profile_property), - // options->profile_collection_cached); if (!sts_options.creds_provider) { goto done; @@ -472,8 +465,13 @@ static struct aws_credentials_provider *s_credentials_provider_new_profile_inter goto on_finished; } const struct aws_profile_property *role_arn_property = aws_profile_get_property(profile, s_role_arn_name); - - if (role_arn_property) { + bool profile_contains_static_cred = false; + if (!cleanup_source_profile_table) { + struct aws_credentials *credentials = aws_credentials_new_from_profile(allocator, profile); + profile_contains_static_cred = credentials != NULL; + aws_credentials_release(credentials); + } + if (role_arn_property && !profile_contains_static_cred) { provider = s_create_sts_based_provider( allocator, role_arn_property,