Move endpointurl and services to credentialprofile and not options

Author: peterrsongg

.gitignore

@@ -15,6 +15,7 @@
 **/Temp/
 **/buildlogs/
 **/.vs/
+sdk/test/UnitTests/Custom/Util/get_credentials.bat
 
 **/*project.lock.json
 **/project.lock.json

generator/.DevConfigs/8a48524d-da8b-4c04-b57e-ad196a51debb.json

@@ -0,0 +1,9 @@
+{
+    "core": {
+      "changeLogMessages": [
+        "Support Account ID based endpoints. Credential Providers will now attach the account ID to credentials if available and also read from the shared credentials file if set."
+      ],
+      "type": "patch",
+      "updateMinimum": true
+    }
+  }

sdk/src/Core/Amazon.Runtime/CredentialManagement/NetSDKCredentialsFile.cs

@@ -107,8 +107,7 @@ public class NetSDKCredentialsFile : ICredentialProfileStore
                     { "SourceProfile", SettingsConstants.SourceProfileField },
                     { "Token", SettingsConstants.SessionTokenField },
                     { "UserIdentity", SettingsConstants.UserIdentityField },
-                    { "Services", SettingsConstants.Services },
-                    { "EndpointUrl", SettingsConstants.EndpointUrl },
+                    { "AwsAccountId", SettingsConstants.AwsAccountId },
                     // Not implemented for NetSDKCredentials. Applicable only
                     // for SharedCredentials
                     { "CredentialProcess" , SettingsConstants.CredentialProcess },

sdk/src/Core/Amazon.Runtime/CredentialManagement/SharedCredentialsFile.cs

@@ -151,8 +151,6 @@ public class SharedCredentialsFile : ICredentialProfileStore
                     { "UserIdentity", null },
                     { "CredentialProcess" , "credential_process" },
                     { "WebIdentityTokenFile", "web_identity_token_file" },
-                    { "Services", "services" },
-                    { "EndpointUrl", "endpoint_url" },
                     { "AwsAccountId", "aws_account_id" },
                     { nameof(CredentialProfileOptions.SsoAccountId), SsoAccountId },
                     { nameof(CredentialProfileOptions.SsoRegion), SsoRegion },

sdk/src/Core/Amazon.Runtime/Internal/Settings/SettingsConstants.cs

@@ -56,6 +56,7 @@ public static class SettingsConstants
         public const string WebIdentityTokenFile = "WebIdentityTokenFile";
         public const string Services = "services";
         public const string EndpointUrl = "endpoint_url";
+        public const string AwsAccountId = "aws_account_id";
 
         // present in endpoint definitions in SAMLEndpoints.json file
         public const string EndpointField = "Endpoint";

sdk/src/Services/SecurityToken/Custom/AmazonSecurityTokenServiceClient.Extension.cs

@@ -150,7 +150,7 @@ AssumeRoleImmutableCredentials ICoreAmazonSTS.CredentialsFromAssumeRoleWithWebId
             {
                 var response = AssumeRoleWithWebIdentity(request);
                 return new AssumeRoleImmutableCredentials(response.Credentials.AccessKeyId, response.Credentials.SecretAccessKey,
-                    response.Credentials.SessionToken, response.Credentials.Expiration.GetValueOrDefault(), Arn.Parse(response.AssumedRoleUser.Arn).AccountId);
+                    response.Credentials.SessionToken, response.Credentials.Expiration.GetValueOrDefault(), response.AssumedRoleUser != null ? Arn.Parse(response.AssumedRoleUser.Arn).AccountId : null);
             }
             catch (Exception e)
             {
@@ -177,7 +177,7 @@ async Task<AssumeRoleImmutableCredentials> ICoreAmazonSTS.CredentialsFromAssumeR
             {
                 var response = await AssumeRoleWithWebIdentityAsync(request).ConfigureAwait(false);
                 return new AssumeRoleImmutableCredentials(response.Credentials.AccessKeyId, response.Credentials.SecretAccessKey,
-                    response.Credentials.SessionToken, response.Credentials.Expiration.GetValueOrDefault(), Arn.Parse(response.AssumedRoleUser.Arn).AccountId);
+                    response.Credentials.SessionToken, response.Credentials.Expiration.GetValueOrDefault(), response.AssumedRoleUser != null ? Arn.Parse(response.AssumedRoleUser.Arn).AccountId : null);
             }
             catch (Exception e)
             {
@@ -204,7 +204,7 @@ AssumeRoleImmutableCredentials ICoreAmazonSTS.CredentialsFromAssumeRoleAuthentic
 
                 var response = AssumeRole(request);
                 return new AssumeRoleImmutableCredentials(response.Credentials.AccessKeyId, response.Credentials.SecretAccessKey,
-                    response.Credentials.SessionToken, response.Credentials.Expiration.GetValueOrDefault(), Arn.Parse(response.AssumedRoleUser.Arn).AccountId);
+                    response.Credentials.SessionToken, response.Credentials.Expiration.GetValueOrDefault(), response.AssumedRoleUser != null ? Arn.Parse(response.AssumedRoleUser.Arn).AccountId : null);
             }
             catch (Exception e)
             {