(sdap-nexus) 01/01: patch bug in credential validity and renewal functions

Tue, 11 Nov 2025 14:47:53 -0800 

This is an automated email from the ASF dual-hosted git repository.

rkk pushed a commit to branch credential-handler-patch
in repository https://gitbox.apache.org/repos/asf/sdap-nexus.git

commit 8266c1e813df40f6f8f6188e15f884357b40d378
Author: rileykk <[email protected]>
AuthorDate: Tue Nov 11 14:41:56 2025 -0800

    patch bug in credential validity and renewal functions
---
 data-access/nexustiles/backends/CredentialHandler.py | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/data-access/nexustiles/backends/CredentialHandler.py 
b/data-access/nexustiles/backends/CredentialHandler.py
index 422b130..d884d16 100644
--- a/data-access/nexustiles/backends/CredentialHandler.py
+++ b/data-access/nexustiles/backends/CredentialHandler.py
@@ -190,8 +190,6 @@ class FixedAWSProfileCredentialHandler(CredentialHandler):
 
             return False
 
-
-
     def is_valid(self) -> bool:
         try:
             self.__session.client('sts').get_caller_identity()
@@ -199,7 +197,9 @@ class FixedAWSProfileCredentialHandler(CredentialHandler):
         except ClientError as err:
             err_code = err.response['Error']['Code']
             err_msg = err.response['Error']['Message']
-            logger.error(f'Credentials in profile {self.__profile} are 
invalid. Code: {err_code}, Message: {err_msg}')
+            logger.warning(f'Credentials in profile {self.__profile} are 
invalid. '
+                           f'Code: {err_code}, Message: {err_msg}. '
+                           f'Will attempt to renew.')
             return False
 
 
@@ -243,12 +243,19 @@ class AWSEnvironmentCredentialHandler(CredentialHandler):
 
     def is_valid(self) -> bool:
         try:
-            self.__session.client('sts').get_caller_identity()
+            boto3.Session(
+                aws_access_key_id=self.cred_data['access_key_id'],
+                aws_secret_access_key=self.cred_data['secret_access_key'],
+                aws_session_token=self.cred_data['token'],
+                region_name=self.__region
+
+            ).client('sts').get_caller_identity()
             return True
         except ClientError as err:
             err_code = err.response['Error']['Code']
             err_msg = err.response['Error']['Message']
-            logger.error(f'Environment credentials in are invalid. Code: 
{err_code}, Message: {err_msg}')
+            logger.warning(f'Environment credentials in are invalid. Code: 
{err_code}, Message: {err_msg}. '
+                           f'Will attempt to renew.')
             return False
 
 
@@ -386,7 +393,8 @@ class DAACTemporaryAWSCredentialHandler(CredentialHandler):
         except ClientError as err:
             err_code = err.response['Error']['Code']
             err_msg = err.response['Error']['Message']
-            logger.error(f'Temp credentials are invalid. Code: {err_code}, 
Message: {err_msg}')
+            logger.warning(f'Temp credentials are invalid. Code: {err_code}, 
Message: {err_msg}. '
+                           f'Will attempt to renew')
             return False

Reply via email to