@@ -236,3 +236,58 @@ def _try_get_credentials(self) -> Optional[Credentials]:
236236 ):
237237 return None
238238 return self .credentials
239+
240+
241+ class NoLockUrlCredentialsProvider (CredentialsProvider ):
242+ """The class provides the credentials from an url.
243+
244+ It does not use lock to protect the credentials.
245+ Due to threading.Lock is not serializable,
246+ it can not be used in Ray remote function.
247+ """
248+
249+ def __init__ (self , credential_url : str ):
250+ """Initialize the UrlCredentialsProvider."""
251+ if not credential_url :
252+ raise TosfsCertificationError ("The credential_url param must not be empty." )
253+ self .expires : Optional [datetime ] = None
254+ self .credentials = None
255+ self .credential_url = credential_url
256+
257+ def get_credentials (self ) -> Credentials :
258+ """Get the credentials from the url."""
259+ res = self ._try_get_credentials ()
260+ if res is not None :
261+ return res
262+ try :
263+ res = self ._try_get_credentials ()
264+ if res is not None :
265+ return res
266+
267+ res = requests .get (self .credential_url , timeout = 30 )
268+ res_body = res .json ()
269+ self .credentials = Credentials (
270+ res_body .get ("AccessKeyId" ),
271+ res_body .get ("SecretAccessKey" ),
272+ res_body .get ("SessionToken" ),
273+ )
274+ self .expires = datetime .strptime (
275+ res_body .get ("ExpiredTime" ), ECS_DATE_FORMAT
276+ )
277+ return self .credentials
278+ except Exception as e :
279+ if self .expires is not None and (
280+ datetime .now ().timestamp () < self .expires .timestamp ()
281+ ):
282+ return self .credentials
283+ raise TosfsCertificationError ("Get token failed" ) from e
284+
285+ def _try_get_credentials (self ) -> Optional [Credentials ]:
286+ if self .expires is None or self .credentials is None :
287+ return None
288+ if (
289+ datetime .now ().timestamp ()
290+ > (self .expires - timedelta (minutes = 10 )).timestamp ()
291+ ):
292+ return None
293+ return self .credentials
0 commit comments