Support using profile-based credentials for S3 binary storage

Author: dalbani

deploy/jbossas/modeshape-jbossas-subsystem/src/main/java/org/modeshape/jboss/subsystem/AddS3BinaryStorage.java

@@ -35,15 +35,24 @@ protected void writeBinaryStorageConfiguration( String repositoryName,
                                                     ModelNode model,
                                                     EditableDocument binaries ) throws OperationFailedException {
         binaries.set(FieldName.TYPE, FieldValue.BINARY_STORAGE_TYPE_S3);
-        String username = ModelAttributes.S3_USERNAME.resolveModelAttribute(context, model).asString();
-        binaries.setString(FieldName.USER_NAME, username);
-        String password = ModelAttributes.S3_PASSWORD.resolveModelAttribute(context, model).asString();
-        binaries.setString(FieldName.USER_PASSWORD, password);
-        String bucketName = ModelAttributes.S3_BUCKET_NAME.resolveModelAttribute(context, model).asString();
-        binaries.setString(FieldName.BUCKET_NAME, bucketName);
-        ModelNode node = ModelAttributes.S3_ENDPOINT_URL.resolveModelAttribute(context, model);
-        String endPoint = node.isDefined() ? node.asString() : null;  //check if the node exist before getting the value
-        binaries.setString(FieldName.ENDPOINT_URL, endPoint);
+
+        ModelNode usernameNode = ModelAttributes.S3_USERNAME.resolveModelAttribute(context, model);
+        if (usernameNode.isDefined()) {
+            binaries.setString(FieldName.USER_NAME, usernameNode.asString());
+        }
+
+        ModelNode passwordNode = ModelAttributes.S3_PASSWORD.resolveModelAttribute(context, model);
+        if (passwordNode.isDefined()) {
+            binaries.setString(FieldName.USER_PASSWORD, passwordNode.asString());
+        }
+
+        ModelNode bucketNameNode = ModelAttributes.S3_BUCKET_NAME.resolveModelAttribute(context, model);
+        binaries.setString(FieldName.BUCKET_NAME, bucketNameNode.asString());
+
+        ModelNode endPointNode = ModelAttributes.S3_ENDPOINT_URL.resolveModelAttribute(context, model);
+        if (endPointNode.isDefined()) {
+            binaries.setString(FieldName.ENDPOINT_URL, endPointNode.asString());
+        }
     }
 
     @Override

deploy/jbossas/modeshape-jbossas-subsystem/src/main/java/org/modeshape/jboss/subsystem/ModelAttributes.java

@@ -961,15 +961,15 @@ public class ModelAttributes {
             new MappedAttributeDefinitionBuilder(Attribute.USERNAME.getLocalName(), ModelType.STRING,
                                                  FieldName.STORAGE, FieldName.BINARY_STORAGE, FieldName.USER_NAME)
                 .setAllowExpression(true)
-                .setAllowNull(false)
+                .setAllowNull(true)
                 .setFlags(AttributeAccess.Flag.RESTART_RESOURCE_SERVICES)
                 .build();
 
     public static final MappedSimpleAttributeDefinition S3_PASSWORD =
             new MappedAttributeDefinitionBuilder(Attribute.PASSWORD.getLocalName(), ModelType.STRING,
                                                  FieldName.STORAGE, FieldName.BINARY_STORAGE, FieldName.USER_PASSWORD)
                 .setAllowExpression(true)
-                .setAllowNull(false)
+                .setAllowNull(true)
                 .setFlags(AttributeAccess.Flag.RESTART_RESOURCE_SERVICES)
                 .build();
 

deploy/jbossas/modeshape-jbossas-subsystem/src/test/resources/org/modeshape/jboss/subsystem/modeshape-s3-binary-storage.xml

@@ -3,4 +3,8 @@
     <s3-binary-storage mime-type-detection="content" min-string-size="10" min-value-size="4096"
                        username="test" password="test" bucket-name="test" />
   </repository>
+  <repository name="sample-using-profile">
+    <s3-binary-storage mime-type-detection="content" min-string-size="10" min-value-size="4096"
+                       bucket-name="test" />
+  </repository>
 </subsystem>

modeshape-jcr/src/main/java/org/modeshape/jcr/RepositoryConfiguration.java

@@ -1211,14 +1211,7 @@ public BinaryStore getBinaryStore() throws Exception {
                 String password = binaryStorage.getString(FieldName.USER_PASSWORD);
                 String bucketName = binaryStorage.getString(FieldName.BUCKET_NAME);
                 String endPoint = binaryStorage.getString(FieldName.ENDPOINT_URL);
-
-                //Use S3 provided endpoints
-                if (endPoint != null) {
-                    store = new S3BinaryStore(username, password, bucketName, endPoint);
-                }
-                else { //Use default AWS endpoint
-                    store = new S3BinaryStore(username, password, bucketName);
-                }
+                store = new S3BinaryStore(username, password, bucketName, endPoint);
             }
 
             if (store == null) store = TransientBinaryStore.get();

modeshape-jcr/src/main/java/org/modeshape/jcr/value/binary/S3BinaryStore.java

@@ -15,18 +15,11 @@
  */
 package org.modeshape.jcr.value.binary;
 
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Collections;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.concurrent.TimeUnit;
-
-import javax.jcr.RepositoryException;
-
 import com.amazonaws.AmazonClientException;
+import com.amazonaws.auth.AWSCredentialsProvider;
 import com.amazonaws.auth.BasicAWSCredentials;
+import com.amazonaws.auth.profile.ProfileCredentialsProvider;
+import com.amazonaws.internal.StaticCredentialsProvider;
 import com.amazonaws.services.s3.AmazonS3Client;
 import com.amazonaws.services.s3.iterable.S3Objects;
 import com.amazonaws.services.s3.model.CopyObjectRequest;
@@ -38,6 +31,15 @@
 import org.modeshape.jcr.value.BinaryKey;
 import org.modeshape.jcr.value.BinaryValue;
 
+import javax.jcr.RepositoryException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Collections;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
+
 /**
  * Binary storage option which manages the storage of files to Amazon S3
  *
@@ -93,7 +95,14 @@ public S3BinaryStore(String accessKey, String secretKey, String bucketName) thro
      */
     public S3BinaryStore(String accessKey, String secretKey, String bucketName, String endPoint) throws BinaryStoreException {
         this.bucketName = bucketName;
-        this.s3Client = new AmazonS3Client(new BasicAWSCredentials(accessKey, secretKey));
+
+        AWSCredentialsProvider credentialsProvider;
+        if (accessKey == null && secretKey == null) {
+            credentialsProvider = new ProfileCredentialsProvider();
+        } else {
+            credentialsProvider = new StaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretKey));
+        }
+        this.s3Client = new AmazonS3Client(credentialsProvider);
 
         // Support for compatible S3 storage systems
         if(endPoint != null)

modeshape-jcr/src/main/resources/org/modeshape/jcr/repository-config-schema.json

@@ -476,12 +476,12 @@
                                 "username" : {
                                     "type" : "string",
                                     "description" : "The access key ID for the connection to Amazon S3.",
-                                    "required" : true
+                                    "required" : false
                                 },
                                 "password" : {
                                     "type" : "string",
                                     "description" : "The secret key for the connection to Amazon S3.",
-                                    "required" : true
+                                    "required" : false
                                 },
                                 "bucketName" : {
                                     "type" : "string",