No longer required to register STS authenticator as interceptor.

Author: dkocher

hub/src/main/java/cloud/katta/protocols/s3/S3AssumeRoleSession.java

@@ -12,7 +12,6 @@
 import ch.cyberduck.core.s3.S3Session;
 import ch.cyberduck.core.ssl.X509KeyManager;
 import ch.cyberduck.core.ssl.X509TrustManager;
-import ch.cyberduck.core.sts.STSRequestInterceptor;
 
 import org.apache.http.impl.client.HttpClientBuilder;
 import org.apache.logging.log4j.LogManager;
@@ -52,10 +51,7 @@ protected S3CredentialsStrategy configureCredentialsStrategy(final HttpClientBui
         if(host.getProtocol().isOAuthConfigurable()) {
             log.debug("Register interceptor {}", oauth);
             configuration.addInterceptorLast(oauth);
-            final STSRequestInterceptor sts = new STSChainedAssumeRoleRequestInterceptor(hub, oauth, vaultId, host, trust, key, prompt);
-            log.debug("Register interceptor {}", sts);
-            configuration.addInterceptorLast(sts);
-            return sts;
+            return new STSChainedAssumeRoleRequestInterceptor(hub, oauth, vaultId, host, trust, key, prompt);
         }
         return super.configureCredentialsStrategy(configuration, prompt);
     }

hub/src/main/java/cloud/katta/protocols/s3/STSChainedAssumeRoleRequestInterceptor.java

@@ -16,7 +16,7 @@
 import ch.cyberduck.core.preferences.PreferencesReader;
 import ch.cyberduck.core.ssl.X509KeyManager;
 import ch.cyberduck.core.ssl.X509TrustManager;
-import ch.cyberduck.core.sts.STSAssumeRoleWithWebIdentityRequestInterceptor;
+import ch.cyberduck.core.sts.STSAssumeRoleWithWebIdentityCredentialsStrategy;
 
 import org.apache.commons.lang3.StringUtils;
 import org.apache.logging.log4j.LogManager;
@@ -33,7 +33,7 @@
 /**
  * Assume role with temporary credentials obtained using OIDC token from security token service (STS)
  */
-public class STSChainedAssumeRoleRequestInterceptor extends STSAssumeRoleWithWebIdentityRequestInterceptor {
+public class STSChainedAssumeRoleRequestInterceptor extends STSAssumeRoleWithWebIdentityCredentialsStrategy {
     private static final Logger log = LogManager.getLogger(STSChainedAssumeRoleRequestInterceptor.class);
 
     /**
@@ -81,7 +81,7 @@ public TemporaryAccessTokens assumeRoleWithWebIdentity(final OAuthTokens oauth,
             if(null == key) {
                 throw new InteroperabilityException("No vault tag key set");
             }
-            return super.assumeRole(credentials.setTokens(tokens)
+            return super.assumeRole(bookmark.getCredentials().setTokens(tokens)
                             .setProperty(Profile.STS_TAGS_PROPERTY_KEY, String.format("%s=%s", key, vaultId)),
                     settings.getProperty(S3AssumeRoleProtocol.S3_ASSUMEROLE_ROLEARN_TAG));
         }

hub/src/test/java/cloud/katta/workflows/AbstractHubSynchronizeTest.java

@@ -11,7 +11,6 @@
 import ch.cyberduck.core.DisabledLoginCallback;
 import ch.cyberduck.core.DisabledPasswordCallback;
 import ch.cyberduck.core.ListService;
-import ch.cyberduck.core.OAuthTokens;
 import ch.cyberduck.core.Path;
 import ch.cyberduck.core.SimplePathPredicate;
 import ch.cyberduck.core.UUIDRandomStringService;
@@ -338,8 +337,6 @@ void test03AddVault(final HubTestConfig config) throws Exception {
     @MethodSource("arguments")
     void test04SetupCode(final HubTestConfig config) throws Exception {
         final HubSession hubSession = setupConnection(config.setup);
-        assertEquals(OAuthTokens.EMPTY, hubSession.getHost().getCredentials().getOauth());
-        assertEquals(StringUtils.EMPTY, hubSession.getHost().getCredentials().getPassword());
         final ListService feature = hubSession.getFeature(ListService.class);
         final AttributedList<Path> vaults = feature.list(Home.root(), new DisabledListProgressListener());
         assertEquals(vaults, feature.list(Home.root(), new DisabledListProgressListener()));