@@ -99,45 +99,7 @@ async fn authenticate_stream_inner(
9999 let server_first = ServerFirst :: parse ( server_first_response. auth_response_body ( MECH_NAME ) ?) ?;
100100 server_first. validate ( & nonce) ?;
101101
102- // Find credentials using MongoDB URI or AWS SDK
103- let aws_credential = if let ( Some ( access_key) , Some ( secret_key) ) =
104- ( & credential. username , & credential. password )
105- {
106- // Look for credentials in the MongoDB URI
107- AwsCredential :: from_sdk_creds (
108- access_key. clone ( ) ,
109- secret_key. clone ( ) ,
110- credential
111- . mechanism_properties
112- . as_ref ( )
113- . and_then ( |mp| mp. get_str ( "AWS_SESSION_TOKEN" ) . ok ( ) )
114- . map ( str:: to_owned) ,
115- None ,
116- )
117- } else {
118- // If credentials are not provided in the URI, use the AWS SDK to load
119- let creds = aws_config:: load_defaults ( BehaviorVersion :: latest ( ) )
120- . await
121- . credentials_provider ( )
122- . ok_or_else ( || {
123- Error :: authentication_error (
124- MECH_NAME ,
125- & format ! ( "no credential provider configured" ) ,
126- )
127- } ) ?
128- . provide_credentials ( )
129- . await
130- . map_err ( |e| {
131- Error :: authentication_error ( MECH_NAME , & format ! ( "failed to get creds: {e}" ) )
132- } ) ?;
133-
134- AwsCredential :: from_sdk_creds (
135- creds. access_key_id ( ) . to_string ( ) ,
136- creds. secret_access_key ( ) . to_string ( ) ,
137- creds. session_token ( ) . map ( |s| s. to_string ( ) ) ,
138- None ,
139- )
140- } ;
102+ let aws_credential = get_aws_credentials ( credential) . await ?;
141103
142104 // Find credentials using original implementation without AWS SDK
143105 // let aws_credential = {
@@ -203,6 +165,46 @@ async fn authenticate_stream_inner(
203165 Ok ( ( ) )
204166}
205167
168+ // Find credentials using MongoDB URI or AWS SDK
169+ pub async fn get_aws_credentials ( credential : & Credential ) -> Result < AwsCredential > {
170+ if let ( Some ( access_key) , Some ( secret_key) ) = ( & credential. username , & credential. password ) {
171+ // Look for credentials in the MongoDB URI
172+ Ok ( AwsCredential :: from_sdk_creds (
173+ access_key. clone ( ) ,
174+ secret_key. clone ( ) ,
175+ credential
176+ . mechanism_properties
177+ . as_ref ( )
178+ . and_then ( |mp| mp. get_str ( "AWS_SESSION_TOKEN" ) . ok ( ) )
179+ . map ( str:: to_owned) ,
180+ None ,
181+ ) )
182+ } else {
183+ // If credentials are not provided in the URI, use the AWS SDK to load
184+ let creds = aws_config:: load_defaults ( BehaviorVersion :: latest ( ) )
185+ . await
186+ . credentials_provider ( )
187+ . ok_or_else ( || {
188+ Error :: authentication_error (
189+ MECH_NAME ,
190+ & format ! ( "no credential provider configured" ) ,
191+ )
192+ } ) ?
193+ . provide_credentials ( )
194+ . await
195+ . map_err ( |e| {
196+ Error :: authentication_error ( MECH_NAME , & format ! ( "failed to get creds: {e}" ) )
197+ } ) ?;
198+
199+ Ok ( AwsCredential :: from_sdk_creds (
200+ creds. access_key_id ( ) . to_string ( ) ,
201+ creds. secret_access_key ( ) . to_string ( ) ,
202+ creds. session_token ( ) . map ( |s| s. to_string ( ) ) ,
203+ None ,
204+ ) )
205+ }
206+ }
207+
206208/// Contains the credentials for MONGODB-AWS authentication.
207209// RUST-1529 note: dead_code tag added to avoid unused warnings on expiration field
208210#[ allow( dead_code) ]
0 commit comments