jooby-project
diff --git a/‎doc/doc/aws/aws.md‎
Lines changed: 16 additions & 11 deletions b/‎doc/doc/aws/aws.md‎
Lines changed: 16 additions & 11 deletions
diff --git a/‎modules/jooby-aws/src/main/java/org/jooby/aws/Aws.java‎
Lines changed: 45 additions & 25 deletions b/‎modules/jooby-aws/src/main/java/org/jooby/aws/Aws.java‎
Lines changed: 45 additions & 25 deletions
diff --git a/‎…ernal/aws/ConfigCredentialsProvider.java‎ ‎…oby/internal/aws/CredentialsFactory.java‎modules/jooby-aws/src/main/java/org/jooby/internal/aws/ConfigCredentialsProvider.java renamed to modules/jooby-aws/src/main/java/org/jooby/internal/aws/CredentialsFactory.java
Lines changed: 41 additions & 51 deletions b/‎…ernal/aws/ConfigCredentialsProvider.java‎ ‎…oby/internal/aws/CredentialsFactory.java‎modules/jooby-aws/src/main/java/org/jooby/internal/aws/ConfigCredentialsProvider.java renamed to modules/jooby-aws/src/main/java/org/jooby/internal/aws/CredentialsFactory.java
Lines changed: 41 additions & 51 deletions
@@ -2,11 +2,9 @@
 
 Small utility module that exports ```AmazonWebServiceClient``` services.
 
-It also give you access to aws credentials (access and secret keys).
-
 ## exports
 
-* One ore more ```AmazonWebServiceClient```, like ```AmazonS3Client```, ```AmazonSimpleEmailServiceClient```, etc...
+* One ore more ```amazon services```, like ```AmazonS3Client```, ```AmazonSimpleEmailServiceClient```, etc...
 
 ## dependency
 
@@ -30,8 +28,8 @@ aws.secretKey =  wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
 ```java
 {
   use(new Aws()
-    .with(creds -> new AmazonS3Client(creds))
-    .with(creds -> new AmazonSimpleEmailServiceClient(creds))
+    .with(creds -> AmazonS3Client.builder().withCredentials(creds).build())
+    .with(creds -> AmazonSimpleEmailServiceClient.builder.withCredentials(creds).build())
   );
 
   get("/", req -> {
@@ -49,8 +47,8 @@ This module is small and simple. All it does is bind ```AmazonWebServiceClient``
 ```java
 {
   use(new Aws()
-    .with(creds -> new AmazonS3Client(creds))
-    .doWith((AmazonS3Client s3) -> new TransferManager(s3))
+    .with(creds -> AmazonS3Client.builder().withCredentials(creds).build())
+    .doWith((AmazonS3Client s3) -> TransferManagerBuilder.standard().withS3Client(s3).build())
   );
 
   post("/", req -> {
@@ -74,10 +72,17 @@ Keys are defined in ```.conf``` file. It is possible to use global or per servic
 ```
 {
   use(new Aws()
-    .with(creds -> new AmazonS3Client(creds)) // use aws.s3 keys
-    .with(creds -> new AmazonSimpleEmailServiceClient(creds)) // use global keys
+    // use aws.s3 keys
+    .with(creds -> AmazonS3Client.builder().withCredentials(creds).build())
+    // use global keys
+    .with(creds -> AmazonSimpleEmailServiceClient.builder.withCredentials(creds).build())
   );
 ```
 
-It uses the ```AmazonWebServiceClient#getServiceName()``` method in order to find per service
-keys.
+The module also install the defaults aws credentials provider. Provider precedence is as follows:
+
+- application *.conf file (application.conf, application.prod.conf, etc...)
+- environment (EnvironmentVariableCredentialsProvider)
+- jvm system properties (SystemPropertiesCredentialsProvider)
+- aws configuration profile (ProfileCredentialsProvider)
+- ec2 (EC2ContainerCredentialsProviderWrapper)
@@ -203,26 +203,25 @@
  */
 package org.jooby.aws;
 
+import com.amazonaws.AmazonWebServiceClient;
+import com.amazonaws.auth.AWSCredentialsProvider;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableList.Builder;
+import com.google.inject.Binder;
+import com.typesafe.config.Config;
 import static java.util.Objects.requireNonNull;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.function.BiFunction;
-import java.util.function.Function;
-
 import org.jooby.Env;
 import org.jooby.Jooby;
 import org.jooby.internal.aws.AwsShutdownSupport;
-import org.jooby.internal.aws.ConfigCredentialsProvider;
+import org.jooby.internal.aws.CredentialsFactory;
+import org.jooby.internal.aws.ForwardingCredentialsProvider;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import com.amazonaws.AmazonWebServiceClient;
-import com.amazonaws.auth.AWSCredentialsProvider;
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableList.Builder;
-import com.google.inject.Binder;
-import com.typesafe.config.Config;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.function.BiFunction;
+import java.util.function.Function;
 
 /**
  * <h1>aws module</h1>
@@ -264,7 +263,7 @@
  * </p>
  *
  * <p>
- * This module is small and simple. All it does is bind {@link AmazonWebServiceClient} instances in
+ * This module is small and simple. All it does is bind <code>amazon service</code> instances in
  * Guice. It also helps to bind utility classes like <code>TransferManager</code>.
  * </p>
  *
@@ -306,19 +305,29 @@
  *   );
  * </pre>
  *
- * It uses the {@link AmazonWebServiceClient#getServiceName()} method in order to find per service
- * keys.
+ * <p>
+ *   The module also install the defaults aws credentials provider.
+ *   Provider precedence is as follows:
+ * </p>
+ *
+ * <ul>
+ *   <li>application *.conf file (application.conf, application.prod.conf, etc...)</li>
+ *   <li>environment (EnvironmentVariableCredentialsProvider)</li>
+ *   <li>jvm system properties (SystemPropertiesCredentialsProvider)</li>
+ *   <li>aws configuration profile (ProfileCredentialsProvider)</li>
+ *   <li>ec2 (EC2ContainerCredentialsProviderWrapper)</li>
+ * </ul>
  *
  * @author edgar
  * @since 0.7.0
  */
-@SuppressWarnings({"rawtypes", "unchecked" })
+@SuppressWarnings({"rawtypes", "unchecked"})
 public class Aws implements Jooby.Module {
 
   /** The logging system. */
   private final Logger log = LoggerFactory.getLogger(getClass());
 
-  private Builder<BiFunction<AWSCredentialsProvider, Config, AmazonWebServiceClient>> callbacks =
+  private Builder<BiFunction<AWSCredentialsProvider, Config, Object>> callbacks =
       ImmutableList.builder();
 
   private List<BiFunction> after = new ArrayList<>();
@@ -336,8 +345,7 @@ public class Aws implements Jooby.Module {
    * @param callback A creation callback.
    * @return This module.
    */
-  public Aws with(
-      final BiFunction<AWSCredentialsProvider, Config, AmazonWebServiceClient> callback) {
+  public Aws with(final BiFunction<AWSCredentialsProvider, Config, Object> callback) {
     requireNonNull(callback, "Callback is required.");
     callbacks.add(callback);
     return this;
@@ -360,7 +368,7 @@ public Aws with(
    * @param callback A creation callback.
    * @return This module.
    */
-  public Aws with(final Function<AWSCredentialsProvider, AmazonWebServiceClient> callback) {
+  public Aws with(final Function<AWSCredentialsProvider, Object> callback) {
     return with((creds, conf) -> callback.apply(creds));
   }
 
@@ -416,9 +424,21 @@ public <T extends AmazonWebServiceClient> Aws doWith(final Function<T, Object> c
   public void configure(final Env env, final Config config, final Binder binder) {
 
     callbacks.build().forEach(it -> {
-      ConfigCredentialsProvider creds = new ConfigCredentialsProvider(config);
-      AmazonWebServiceClient service = it.apply(creds, config);
-      creds.service(service.getServiceName());
+      ForwardingCredentialsProvider fcp = new ForwardingCredentialsProvider();
+      Object service = it.apply(fcp, config);
+      String serviceName;
+      if (service instanceof AmazonWebServiceClient) {
+        serviceName = ((AmazonWebServiceClient) service).getServiceName();
+      } else {
+        serviceName = service.getClass().getSimpleName()
+            .replace("AWS", "")
+            .replace("Amazon", "")
+            .replace("JavaClient", "")
+            .replace("ServiceClient", "")
+            .replace("Client", "")
+            .toLowerCase();
+      }
+      fcp.setProvider(CredentialsFactory.create(config, serviceName));
       Class serviceType = service.getClass();
       Class[] interfaces = serviceType.getInterfaces();
       if (interfaces.length > 0) {
@@ -432,7 +452,7 @@ public void configure(final Env env, final Config config, final Binder binder) {
   }
 
   private void after(final Env env, final Binder binder, final Config config,
-      final AmazonWebServiceClient service) {
+      final Object service) {
     after.forEach(it -> {
       try {
         Object dep = it.apply(service, config);
 
@@ -203,78 +203,68 @@
  */
 package org.jooby.internal.aws;
 
-import static java.util.Objects.requireNonNull;
-
 import com.amazonaws.auth.AWSCredentials;
 import com.amazonaws.auth.AWSCredentialsProvider;
+import com.amazonaws.auth.AWSCredentialsProviderChain;
+import com.amazonaws.auth.AWSStaticCredentialsProvider;
 import com.amazonaws.auth.BasicAWSCredentials;
 import com.amazonaws.auth.BasicSessionCredentials;
-import com.google.common.base.Joiner;
+import com.amazonaws.auth.EC2ContainerCredentialsProviderWrapper;
+import com.amazonaws.auth.EnvironmentVariableCredentialsProvider;
+import com.amazonaws.auth.SystemPropertiesCredentialsProvider;
+import com.amazonaws.auth.profile.ProfileCredentialsProvider;
+import com.google.common.base.Strings;
 import com.typesafe.config.Config;
 
-public class ConfigCredentialsProvider implements AWSCredentialsProvider {
+import java.util.LinkedList;
+import java.util.function.Consumer;
+import java.util.stream.Stream;
+
+public class CredentialsFactory {
 
   private static final String ACCESS_KEY = "accessKey";
 
   private static final String SECRET_KEY = "secretKey";
 
   private static final String SESSION_TOKEN = "sessionToken";
 
-  private Config config;
-
-  private String accessKey;
-
-  private String secretKey;
-
-  private String sessionToken;
-
-  public ConfigCredentialsProvider(final Config config) {
-    this.config = requireNonNull(config, "Config is required.");
-  }
-
-  public ConfigCredentialsProvider service(final String serviceName) {
-    // global vs service specific key
-    String accessKey = key("aws", ACCESS_KEY);
-    String secretKey = key("aws", SECRET_KEY);
-    String sessionToken = key("aws", SESSION_TOKEN);
+  public static AWSCredentialsProvider create(final Config conf, final String serviceName) {
+    LinkedList<AWSCredentialsProvider> chain = chain();
 
-    String serviceAccessKey = key("aws", serviceName, ACCESS_KEY);
-    String serviceSecretKey = key("aws", serviceName, SECRET_KEY);
-    String serviceSessionToken = key("aws", serviceName, SESSION_TOKEN);
+    applicationCredentials(conf, serviceName, chain::addFirst);
 
-    if (this.config.hasPath(serviceAccessKey)) {
-      accessKey = serviceAccessKey;
-    }
-    if (this.config.hasPath(serviceSecretKey)) {
-      secretKey = serviceSecretKey;
-    }
-    // override
-    this.accessKey = this.config.getString(accessKey);
-    this.secretKey = this.config.getString(secretKey);
-    // session token
-    if (this.config.hasPath(serviceSessionToken)) {
-      this.sessionToken = this.config.getString(serviceSessionToken);
-    } else if (this.config.hasPath(sessionToken)) {
-      this.sessionToken = this.config.getString(sessionToken);
-    }
-    return this;
+    return new AWSCredentialsProviderChain(chain);
   }
 
-  @Override
-  public AWSCredentials getCredentials() {
-    if (sessionToken != null) {
-      return new BasicSessionCredentials(accessKey, secretKey, sessionToken);
+  private static void applicationCredentials(Config conf, String serviceName,
+      Consumer<AWSCredentialsProvider> consumer) {
+    String accessKey = find(conf, "aws." + serviceName + "." + ACCESS_KEY, "aws." + ACCESS_KEY);
+    if (accessKey != null) {
+      String secretKey = find(conf, "aws." + serviceName + "." + SECRET_KEY, "aws." + SECRET_KEY);
+      String sessionToken = find(conf, "aws." + serviceName + "." + SESSION_TOKEN,
+          "aws." + SESSION_TOKEN);
+      AWSCredentials credentials = sessionToken == null
+          ? new BasicAWSCredentials(accessKey, secretKey)
+          : new BasicSessionCredentials(accessKey, secretKey, sessionToken);
+      consumer.accept(new AWSStaticCredentialsProvider(credentials));
     }
-    return new BasicAWSCredentials(accessKey, secretKey);
   }
 
-  @Override
-  public void refresh() {
-    // noop
+  private static LinkedList<AWSCredentialsProvider> chain() {
+    LinkedList<AWSCredentialsProvider> chain = new LinkedList<>();
+    chain.add(new EnvironmentVariableCredentialsProvider());
+    chain.add(new SystemPropertiesCredentialsProvider());
+    chain.add(new ProfileCredentialsProvider());
+    chain.add(new EC2ContainerCredentialsProviderWrapper());
+    return chain;
   }
 
-  private String key(final String... parts) {
-    return Joiner.on(".").join(parts);
+  private static String find(Config conf, String... keys) {
+    return Stream.of(keys)
+        .filter(conf::hasPath)
+        .findFirst()
+        .map(conf::getString)
+        .map(Strings::emptyToNull)
+        .orElse(null);
   }
-
 }