s3: fix rclone ignoring static credentials when env_auth=true
The SDKv2 conversion introduced a regression to do with setting credentials with env_auth=true. The rclone documentation explicitly states that env_auth only applies if secret_access_key and access_key_id are blank and users had been relying on that. However after the SDKv2 conversion we were ignoring static credentials if env_auth=true. This fixes the problem by ignoring env_auth=true if secret_access_key and access_key_id are both provided. This brings rclone back into line with the documentation and users expectations. Fixes #8067
This commit is contained in:
parent
75f5b06ff7
commit
a88066aff3
1 changed files with 9 additions and 8 deletions
|
@ -3052,9 +3052,16 @@ func (s3logger) Logf(classification logging.Classification, format string, v ...
|
||||||
func s3Connection(ctx context.Context, opt *Options, client *http.Client) (s3Client *s3.Client, err error) {
|
func s3Connection(ctx context.Context, opt *Options, client *http.Client) (s3Client *s3.Client, err error) {
|
||||||
ci := fs.GetConfig(ctx)
|
ci := fs.GetConfig(ctx)
|
||||||
var awsConfig aws.Config
|
var awsConfig aws.Config
|
||||||
|
// Make the default static auth
|
||||||
|
v := aws.Credentials{
|
||||||
|
AccessKeyID: opt.AccessKeyID,
|
||||||
|
SecretAccessKey: opt.SecretAccessKey,
|
||||||
|
SessionToken: opt.SessionToken,
|
||||||
|
}
|
||||||
|
awsConfig.Credentials = &credentials.StaticCredentialsProvider{Value: v}
|
||||||
|
|
||||||
// Try to fill in the config from the environment if env_auth=true
|
// Try to fill in the config from the environment if env_auth=true
|
||||||
if opt.EnvAuth {
|
if opt.EnvAuth && opt.AccessKeyID == "" && opt.SecretAccessKey == "" {
|
||||||
configOpts := []func(*awsconfig.LoadOptions) error{}
|
configOpts := []func(*awsconfig.LoadOptions) error{}
|
||||||
// Set the name of the profile if supplied
|
// Set the name of the profile if supplied
|
||||||
if opt.Profile != "" {
|
if opt.Profile != "" {
|
||||||
|
@ -3079,13 +3086,7 @@ func s3Connection(ctx context.Context, opt *Options, client *http.Client) (s3Cli
|
||||||
case opt.SecretAccessKey == "":
|
case opt.SecretAccessKey == "":
|
||||||
return nil, errors.New("secret_access_key not found")
|
return nil, errors.New("secret_access_key not found")
|
||||||
default:
|
default:
|
||||||
// Make the static auth
|
// static credentials are already set
|
||||||
v := aws.Credentials{
|
|
||||||
AccessKeyID: opt.AccessKeyID,
|
|
||||||
SecretAccessKey: opt.SecretAccessKey,
|
|
||||||
SessionToken: opt.SessionToken,
|
|
||||||
}
|
|
||||||
awsConfig.Credentials = &credentials.StaticCredentialsProvider{Value: v}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue