search

HENNGE / aiodynamo

Asynchronous, fast, pythonic DynamoDB Client
https://aiodynamo.readthedocs.io/
Other
73 stars 21 forks source link

FileCredentials never set aws_session_token #116

Closed danielwoerner closed 2 years ago

danielwoerner commented 2 years ago

Problem: I'm on a Windows system, but using git bash as my PyCharm Terminal (so i can't set Windows Environmental Variables). I'm getting my aws_session_token via a script, which sets the new token in ~/.aws/credentials for a specific profile (not default!).

When getting a new client via

client = Client(HTTPX(session), FileCredentials(profile_name="notdefault"), "eu-central-1")

any later table operations always fail, claiming the aws_session_token is invalid. Well yes, of course it is, because it was never set, while going through the FileCredentials() logic.

The issue seems to be following part. id and secret get set, while token does not. Why?

        try:
            self.key = Key(
                id=profile["aws_access_key_id"],
                secret=profile["aws_secret_access_key"]
            )

Proposed Solution:

        try:
            self.key = Key(
                id=profile["aws_access_key_id"],
                secret=profile["aws_secret_access_key"],
                token=profile["aws_session_token"]
            )

If this is not a possible solution, please explain why.

ojii commented 2 years ago

This is just an oversight, and the proposed solution is almost correct, though it probably should be token=profile.get('aws_session_token', None) to keep supporting token-less file credentials.