1. 包列表
  2. 类列表
  3. com.amazonaws.services.kms.AWSKMSClientBuilder

Java 类com.amazonaws.services.kms.AWSKMSClientBuilder 实例源码

项目:strongbox    文件:IntegrationTestHelper.java    
private static void cleanUpKMSKeys(Regions testRegion, String testResourcePrefix, Date createdBeforeThreshold,
                                   AWSCredentialsProvider awsCredentials) {
    LOG.info("Cleaning KMS...");

    AWSKMS kmsClient = AWSKMSClientBuilder.standard()
            .withCredentials(awsCredentials)
            .withRegion(testRegion)
            .build();

    List<AliasListEntry> keys = kmsClient.listAliases().getAliases();
    for (AliasListEntry entry: keys) {
        if (!entry.getAliasName().startsWith("alias/" + testResourcePrefix)) {
            continue;
        }

        DescribeKeyRequest request = new DescribeKeyRequest().withKeyId(entry.getTargetKeyId());
        KeyMetadata metadata = kmsClient.describeKey(request).getKeyMetadata();

        if (KMSKeyState.fromString(metadata.getKeyState()) != KMSKeyState.PENDING_DELETION &&
                metadata.getCreationDate().before(createdBeforeThreshold)) {
            LOG.info("Scheduling KMS key for deletion:" + entry.getAliasName());
            scheduleKeyDeletion(kmsClient, entry);
        }
    }
}
项目:tdl-auth    文件:LinkGeneratorLambdaHandler.java    
LinkGeneratorLambdaHandler(String region, String jwtEncryptKeyArn, String pageStorageBucket, String authVerifyEndpointURL,
                           AWSCredentialsProvider awsCredential, String introPageTemplateName) throws IOException, TemplateException {
    AWSKMS kmsClient = AWSKMSClientBuilder.standard()
            .withCredentials(awsCredential)
            .withRegion(region)
            .build();
    AmazonS3 s3client = AmazonS3ClientBuilder
            .standard()
            .withCredentials(awsCredential)
            .withRegion(region)
            .build();
    kmsEncrypt = new KMSEncrypt(kmsClient, jwtEncryptKeyArn);
    this.pageStorageBucket = pageStorageBucket;
    this.authVerifyEndpointURL = authVerifyEndpointURL;
    this.pageUploader = new PageUploader(s3client, pageStorageBucket);


    this.introPageTemplate = new IntroPageTemplate(introPageTemplateName);
}
项目:tdl-auth    文件:AuthLambdaAcceptanceTest.java    
@Before
public void setUp() throws Exception {
    context = mock(Context.class);
    when(context.getLogger()).thenReturn(System.out::println);

    handler = new AuthLambdaHandler(TEST_AWS_REGION, TEST_JWT_KEY_ARN, TEST_VIDEO_STORAGE_BUCKET,
            TEST_USER_ACCESS_KEY_ID, TEST_USER_SECRET_ACCESS_KEY);

    AWSKMS kmsClient = AWSKMSClientBuilder.standard()
            .withRegion(TEST_AWS_REGION)
            .withCredentials(new AWSStaticCredentialsProvider(
                    new BasicAWSCredentials(TEST_USER_ACCESS_KEY_ID, TEST_USER_SECRET_ACCESS_KEY))
            )
            .build();
    kmsEncrypt = new KMSEncrypt(kmsClient, TEST_JWT_KEY_ARN);
}
项目:aws-encryption-sdk-java    文件:KmsMasterKeyProvider.java    
private AWSKMSClientBuilder cloneClientBuilder(final AWSKMSClientBuilder builder) {
    // We need to copy all arguments out of the builder in case it's mutated later on.
    // Unfortunately AWSKMSClientBuilder doesn't support .clone() so we'll have to do it by hand.

    if (builder.getEndpoint() != null) {
        // We won't be able to set the region later if a custom endpoint is set.
        throw new IllegalArgumentException("Setting endpoint configuration is not compatible with passing a " +
                                           "builder to the KmsMasterKeyProvider. Use withCustomClientFactory" +
                                           " instead.");
    }

    final AWSKMSClientBuilder newBuilder = AWSKMSClient.builder();
    newBuilder.setClientConfiguration(builder.getClientConfiguration());
    newBuilder.setCredentials(builder.getCredentials());
    newBuilder.setEndpointConfiguration(builder.getEndpoint());
    newBuilder.setMetricsCollector(builder.getMetricsCollector());
    if (builder.getRequestHandlers() != null) {
        newBuilder.setRequestHandlers(builder.getRequestHandlers().toArray(new RequestHandler2[0]));
    }
    return newBuilder;
}
项目:aws-encryption-sdk-java    文件:KmsMasterKeyProvider.java    
private RegionalClientSupplier clientFactory() {
    if (regionalClientSupplier_ != null) {
        return regionalClientSupplier_;
    }

    // Clone again; this MKP builder might be reused to build a second MKP with different creds.
    AWSKMSClientBuilder builder = templateBuilder_ != null ? cloneClientBuilder(templateBuilder_)
                                                           : AWSKMSClientBuilder.standard();

    ConcurrentHashMap<String, AWSKMS> clientCache = new ConcurrentHashMap<>();

    return region -> clientCache.computeIfAbsent(region, region2 -> {
        // Clone yet again as we're going to change the region field.
        return cloneClientBuilder(builder).withRegion(region2).build();
    });
}
项目:bender    文件:Passwords.java    
public static String decrypt(String str, Region region) throws UnsupportedEncodingException {
  if (isJUnitTest()) {
    return str;
  }

  AWSKMS kms = AWSKMSClientBuilder.standard().withRegion(region.getName()).build();

  /*
   * The KMS ciphertext is base64 encoded and must be decoded before the request is made
   */
  String cipherString = str;
  byte[] cipherBytes = Base64.decode(cipherString);

  /*
   * Create decode request and decode
   */
  ByteBuffer cipherBuffer = ByteBuffer.wrap(cipherBytes);
  DecryptRequest req = new DecryptRequest().withCiphertextBlob(cipherBuffer);
  DecryptResult resp = kms.decrypt(req);

  /*
   * Convert the response plaintext bytes to a string
   */
  return new String(resp.getPlaintext().array(), Charset.forName("UTF-8"));
}
项目:qpp-conversion-tool    文件:KmsConfig.java    
/**
 * Creates the KMS client {@link Bean}.
 *
 * Uses the default client, but if a region is unspecified, uses {@code us-east-1}.
 *
 * @return The KMS client.
 */
@Bean
public AWSKMS awsKms() {
    AWSKMS client = null;

    try {
        client = AWSKMSClientBuilder.defaultClient();
    } catch (SdkClientException exception) {
        API_LOG.info("Default KMS client failed to build, trying again with region us-east-1", exception);
        client = planB();
    }

    return client;
}
项目:qpp-conversion-tool    文件:KmsConfigTest.java    
@Test
public void testDefaultClient() {
    mockStatic(AWSKMSClientBuilder.class);
    when(AWSKMSClientBuilder.defaultClient()).thenReturn(Mockito.mock(AWSKMS.class));
    Assert.assertNotNull(underTest.awsKms());
    verify(underTest, times(0)).planB();
}
项目:qpp-conversion-tool    文件:KmsConfigTest.java    
@Test
public void testRegionClient() {
    mockStatic(AWSKMSClientBuilder.class);
    when(AWSKMSClientBuilder.defaultClient()).thenThrow(new SdkClientException("meep"));
    doAnswer(invocationOnMock -> null).when(underTest).planB();

    underTest.awsKms();
    verify(underTest, times(1)).planB();
}
项目:strongbox    文件:KMSManager.java    
public static KMSManager fromCredentials(AWSCredentialsProvider awsCredentials,
                                         ClientConfiguration clientConfiguration,
                                         SecretsGroupIdentifier groupIdentifier) {
    AWSKMS client = AWSKMSClientBuilder.standard()
        .withCredentials(awsCredentials)
        .withClientConfiguration(transformAndVerifyOrThrow(clientConfiguration))
        .withRegion(groupIdentifier.region.getName())
        .build();
    return new KMSManager(client, awsCredentials, clientConfiguration, groupIdentifier);
}
项目:strongbox    文件:KMSRandomGenerator.java    
public KMSRandomGenerator(AWSCredentialsProvider awsCredentials, ClientConfiguration clientConfiguration) {
    this.client = AWSKMSClientBuilder.standard()
            .withCredentials(awsCredentials)
            .withClientConfiguration(transformAndVerifyOrThrow(clientConfiguration))
            .withRegion(RegionResolver.getRegion())
            .build();
}
项目:tdl-auth    文件:JWTKMSAuthorizer.java    
public JWTKMSAuthorizer(String region, String jwtDecryptKeyARN, AWSCredentialsProvider credential) {
    AWSKMS kmsClient = AWSKMSClientBuilder.standard()
            .withRegion(region)
            .withCredentials(credential)
            .build();
    KMSDecrypt kmsDecrypt = new KMSDecrypt(kmsClient, Collections.singleton(jwtDecryptKeyARN));
    jwtDecoder = new JWTDecoder(kmsDecrypt);
}
项目:mot-public-api    文件:Decrypt.java    
private AWSKMS getClient() throws IOException {

        AWSKMSClientBuilder clientBuilder = AWSKMSClientBuilder.standard();

        ClientConfiguration clientConfig = PredefinedClientConfigurations.defaultConfig();

        String proxyHost = ConfigManager.getEnvironmentVariable(ConfigKeys.ProxyHost);
        if (proxyHost != null) {
            clientConfig.setProxyHost(proxyHost);
            clientConfig.setProxyPort(Integer.parseInt(ConfigManager.getEnvironmentVariable(ConfigKeys.ProxyPort)));
        }
        clientBuilder.setClientConfiguration(clientConfig);

        return clientBuilder.build();
    }
项目:kms-jwt    文件:GenerateTokenApp.java    
private String generateJWT() throws KeyOperationException {
    log.info("Generating JWT for user \"{}\" with journey \"{}\", valid for {} days", username, journey, expiresInDays);

    AWSKMS kmsClient = AWSKMSClientBuilder.standard()
            .withRegion(region)
            .build();

    KMSEncrypt kmsEncrypt = new KMSEncrypt(kmsClient, keyARN);
    Date expiryDate = expirationDate(expiresInDays);
    return JWTEncoder.builder(kmsEncrypt)
            .setExpiration(expiryDate)
            .claim("usr", username)
            .claim("jrn", journey)
            .compact();
}
项目:aws-encryption-sdk-java    文件:KmsMasterKeyProvider.java    
/**
 * Configures the {@link KmsMasterKeyProvider} to use specific credentials. If a builder was previously set,
 * this will override whatever credentials it set.
 * @param credentialsProvider
 * @return
 */
public Builder withCredentials(AWSCredentialsProvider credentialsProvider) {
    if (regionalClientSupplier_ != null) {
        throw clientSupplierComboException();
    }

    if (templateBuilder_ == null) {
        templateBuilder_ = AWSKMSClientBuilder.standard();
    }

    templateBuilder_.setCredentials(credentialsProvider);

    return this;
}
项目:aws-encryption-sdk-java    文件:KmsMasterKeyProvider.java    
/**
 * Configures the {@link KmsMasterKeyProvider} to use settings from this {@link AWSKMSClientBuilder} to
 * configure KMS clients. Note that the region set on this builder will be ignored, but all other settings
 * will be propagated into the regional clients.
 *
 * This method will overwrite any credentials set using {@link #withCredentials(AWSCredentialsProvider)}.
 *
 * @param builder
 * @return
 */
public Builder withClientBuilder(AWSKMSClientBuilder builder) {
    if (regionalClientSupplier_ != null) {
        throw clientSupplierComboException();
    }
    final AWSKMSClientBuilder newBuilder = cloneClientBuilder(builder);


    this.templateBuilder_ = newBuilder;

    return this;
}
项目:aws-encryption-sdk-java    文件:KmsMasterKeyProvider.java    
/**
 * Returns an instance of this object with the supplied configuration and credentials. all keys
 * listed in {@code keyIds} will be used to protect data.
 */
public KmsMasterKeyProvider(final AWSCredentialsProvider creds, final Region region,
        final ClientConfiguration clientConfiguration, final List<String> keyIds) {
    this(builder().withClientBuilder(AWSKMSClientBuilder.standard()
                                                        .withClientConfiguration(clientConfiguration)
                                                        .withCredentials(creds))
                  .clientFactory(),
         region.getName(),
         keyIds
    );
}
项目:baigan-config    文件:S3FileLoader.java    
public S3FileLoader(@Nonnull String bucketName, @Nonnull String key) {
    // Necessary to use *ClientBuilder for correct defaults (especially region selection).
    s3Client = AmazonS3ClientBuilder.defaultClient();
    kmsClient = AWSKMSClientBuilder.defaultClient();
    this.bucketName = bucketName;
    this.key = key;
}
项目:ibm-cos-sdk-java    文件:AWSKMSClient.java    
public static AWSKMSClientBuilder builder() {
    return AWSKMSClientBuilder.standard();
}
项目:kms-jwt    文件:End2EndTest.java    
@BeforeClass
public static void setUp() throws Exception {
    KMS_CLIENT = AWSKMSClientBuilder.standard()
            .withRegion(TEST_AWS_REGION)
            .build();
}
项目:kms-jwt    文件:KMSEncryptDecryptTest.java    
@BeforeClass
public static void setUp() throws Exception {
    KMS_CLIENT = AWSKMSClientBuilder.standard()
            .withRegion(TEST_AWS_REGION)
            .build();
}
项目:athenz    文件:AwsPrivateKeyStore.java    
public AwsPrivateKeyStore() {
   this(initAmazonS3(), AWSKMSClientBuilder.defaultClient());
   kmsDecrypt = Boolean.parseBoolean(System.getProperty(ATHENZ_PROP_AWS_KMS_DECRYPT, "false"));
}
项目:spring-cloud-config-aws-kms    文件:KmsEncryptionConfiguration.java    
@Bean
public AWSKMS kms(){
    final AWSKMSClientBuilder builder = AWSKMSClient.builder();
    Optional.ofNullable(properties.getRegion()).ifPresent(builder::setRegion);
    return builder.build();
}
项目:qpp-conversion-tool    文件:KmsConfig.java    
/**
 * Returns the default client that uses {@code us-east-1}.
 *
 * @return The KMS client.
 */
AWSKMS planB() {
    return AWSKMSClientBuilder.standard().withRegion(Regions.US_EAST_1).build();
}
项目:KeyStor    文件:KMSEncryptor.java    
/**
 * Create an AWS KMS client.
 * @return Create new instance of builder with all defaults set with the DefaultAWSCredentialsProviderChain
 */
private AWSKMS getClient() {
    return AWSKMSClientBuilder.defaultClient();
}
项目:KeyStor    文件:KMSDecryptor.java    
/**
 * Create an AWS KMS client.
 * @return
 */
private AWSKMS getClient() {
    return AWSKMSClientBuilder.defaultClient();
}
项目:KeyStor    文件:KMSEncryptor.java    
/**
 * Create an AWS KMS client.
 * @return
 */
private AWSKMS getClient() {
    return AWSKMSClientBuilder.defaultClient();
}