Merge pull request goamz#47 from gorsuch/support-mfa

support AWS_SESSION_TOKEN if present in env
alex0z1 · Dec 6, 2014 · 0aa2760 · 0aa2760
2 parents 3998548 + 793de7d
commit 0aa2760
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 2 deletions.
diff --git a/aws/aws.go b/aws/aws.go
@@ -321,6 +321,7 @@ func GetAuth(accessKey string, secretKey, token string, expiration time.Time) (a
 // EnvAuth creates an Auth based on environment information.
 // The AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment
 // variables are used.
+// AWS_SESSION_TOKEN is used if present.
 func EnvAuth() (auth Auth, err error) {
 	auth.AccessKey = os.Getenv("AWS_ACCESS_KEY_ID")
 	if auth.AccessKey == "" {
@@ -337,6 +338,8 @@ func EnvAuth() (auth Auth, err error) {
 	if auth.SecretKey == "" {
 		err = errors.New("AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY not found in environment")
 	}
+
+	auth.token = os.Getenv("AWS_SESSION_TOKEN")
 	return
 }
 

diff --git a/aws/aws_test.go b/aws/aws_test.go
@@ -1,12 +1,13 @@
 package aws_test
 
 import (
-	"github.com/goamz/goamz/aws"
-	"github.com/motain/gocheck"
 	"os"
 	"strings"
 	"testing"
 	"time"
+
+	"github.com/goamz/goamz/aws"
+	"github.com/motain/gocheck"
 )
 
 func Test(t *testing.T) {
@@ -62,6 +63,18 @@ func (s *S) TestEnvAuthAlt(c *gocheck.C) {
 	c.Assert(auth, gocheck.Equals, aws.Auth{SecretKey: "secret", AccessKey: "access"})
 }
 
+func (s *S) TestEnvAuthToken(c *gocheck.C) {
+	os.Clearenv()
+	os.Setenv("AWS_SECRET_KEY", "secret")
+	os.Setenv("AWS_ACCESS_KEY", "access")
+	os.Setenv("AWS_SESSION_TOKEN", "token")
+	auth, err := aws.EnvAuth()
+	c.Assert(err, gocheck.IsNil)
+	c.Assert(auth.SecretKey, gocheck.Equals, "secret")
+	c.Assert(auth.AccessKey, gocheck.Equals, "access")
+	c.Assert(auth.Token(), gocheck.Equals, "token")
+}
+
 func (s *S) TestGetAuthStatic(c *gocheck.C) {
 	exptdate := time.Now().Add(time.Hour)
 	auth, err := aws.GetAuth("access", "secret", "token", exptdate)