This is an automated email from the ASF dual-hosted git repository.
xuanwo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/opendal.git
The following commit(s) were added to refs/heads/main by this push:
new 110f3190f feat(services/oss): add support for security token for
Aliyun OSS (#6511)
110f3190f is described below
commit 110f3190f2877fd90c209244e8c71ed0202694bd
Author: cavivie <[email protected]>
AuthorDate: Wed Aug 20 12:19:27 2025 +0800
feat(services/oss): add support for security token for Aliyun OSS (#6511)
---
core/src/services/oss/backend.rs | 16 ++++++++++++++++
core/src/services/oss/config.rs | 14 ++++++++++++++
2 files changed, 30 insertions(+)
diff --git a/core/src/services/oss/backend.rs b/core/src/services/oss/backend.rs
index b87502425..cfcdcb2a3 100644
--- a/core/src/services/oss/backend.rs
+++ b/core/src/services/oss/backend.rs
@@ -152,6 +152,18 @@ impl OssBuilder {
self
}
+ /// Set security_token for this backend.
+ ///
+ /// - If security_token is set, we will take user's input first.
+ /// - If not, we will try to load it from environment.
+ pub fn security_token(mut self, security_token: &str) -> Self {
+ if !security_token.is_empty() {
+ self.config.security_token = Some(security_token.to_string())
+ }
+
+ self
+ }
+
/// Specify the http client that used by this service.
///
/// # Notes
@@ -376,6 +388,10 @@ impl Builder for OssBuilder {
cfg.access_key_secret = Some(v);
}
+ if let Some(v) = self.config.security_token {
+ cfg.security_token = Some(v);
+ }
+
if let Some(v) = self.config.role_arn {
cfg.role_arn = Some(v);
}
diff --git a/core/src/services/oss/config.rs b/core/src/services/oss/config.rs
index 1e44888d2..cdd6b8fbe 100644
--- a/core/src/services/oss/config.rs
+++ b/core/src/services/oss/config.rs
@@ -49,9 +49,20 @@ pub struct OssConfig {
// authenticate options
/// Access key id for oss.
+ ///
+ /// - this field if it's `is_some`
+ /// - env value: [`ALIBABA_CLOUD_ACCESS_KEY_ID`]
pub access_key_id: Option<String>,
/// Access key secret for oss.
+ ///
+ /// - this field if it's `is_some`
+ /// - env value: [`ALIBABA_CLOUD_ACCESS_KEY_SECRET`]
pub access_key_secret: Option<String>,
+ /// `security_token` will be loaded from
+ ///
+ /// - this field if it's `is_some`
+ /// - env value: [`ALIBABA_CLOUD_SECURITY_TOKEN`]
+ pub security_token: Option<String>,
/// The size of max batch operations.
#[deprecated(
since = "0.52.0",
@@ -62,6 +73,9 @@ pub struct OssConfig {
pub delete_max_size: Option<usize>,
/// If `role_arn` is set, we will use already known config as source
/// credential to assume role with `role_arn`.
+ ///
+ /// - this field if it's `is_some`
+ /// - env value: [`ALIBABA_CLOUD_ROLE_ARN`]
pub role_arn: Option<String>,
/// role_session_name for this backend.
pub role_session_name: Option<String>,
