Issue s3tools#906 add support for $AWS_PROFILE

S3/Config.py

@@ -23,6 +23,7 @@
 except ImportError:
     import http.client as httplib
 import locale
+import configparser
 
 try:
     unicode
@@ -211,8 +212,8 @@ def __init__(self, configfile = None, access_key=None, secret_key=None, access_t
             try:
                 self.read_config_file(configfile)
             except IOError:
-                if 'AWS_CREDENTIAL_FILE' in os.environ:
-                    self.env_config()
+                if 'AWS_CREDENTIAL_FILE' in os.environ or 'AWS_PROFILE' in os.environ:
+                    self.aws_credential_file()
 
             # override these if passed on the command-line
             if access_key and secret_key:
@@ -275,38 +276,35 @@ def role_refresh(self):
             except:
                 warning("Could not refresh role")
 
-    def env_config(self):
-        cred_content = ""
+    def aws_credential_file(self):
         try:
-            cred_file = open(os.environ['AWS_CREDENTIAL_FILE'],'r')
-            cred_content = cred_file.read()
+            config = configparser.ConfigParser()
+
+            aws_credential_file = os.path.expanduser('~/.aws/credentials') 
+            if 'AWS_CREDENTIAL_FILE' in os.environ and os.path.isfile(os.environ['AWS_CREDENTIAL_FILE']):
+                aws_credential_file = os.environ['AWS_CREDENTIAL_FILE']
+
+            debug("Reading AWS credentials from", aws_credential_file)
+            config.read(aws_credential_file)
+            profile = "default"
+            if 'AWS_PROFILE' in os.environ:
+                profile = os.environ['AWS_PROFILE'] 
+
+            profile_access_key = config.get(profile, 'aws_access_key_id')
+            profile_secret_key = config.get(profile, 'aws_secret_access_key')
+            self.access_key = config_unicodise(profile_access_key)
+            self.secret_key = config_unicodise(profile_secret_key)
+
+            try:
+                profile_access_token = config.get(profile, 'aws_session_token')
+                Config().access_token = config_unicodise(profile_access_token) 
+            except configparser.NoOptionError:
+                pass
+
         except IOError as e:
-            debug("Error %d accessing credentials file %s" % (e.errno,os.environ['AWS_CREDENTIAL_FILE']))
-        r_data = re.compile("^\s*(?P<orig_key>\w+)\s*=\s*(?P<value>.*)")
-        r_quotes = re.compile("^\"(.*)\"\s*$")
-        if len(cred_content)>0:
-            for line in cred_content.splitlines():
-                is_data = r_data.match(line)
-                if is_data:
-                    data = is_data.groupdict()
-                    if r_quotes.match(data["value"]):
-                        data["value"] = data["value"][1:-1]
-                    if data["orig_key"] == "AWSAccessKeyId" \
-                       or data["orig_key"] == "aws_access_key_id":
-                        data["key"] = "access_key"
-                    elif data["orig_key"]=="AWSSecretKey" \
-                       or data["orig_key"]=="aws_secret_access_key":
-                        data["key"] = "secret_key"
-                    else:
-                        debug("env_config: key = %r will be ignored", data["orig_key"])
-
-                    if "key" in data:
-                        Config().update_option(data["key"], data["value"])
-                        if data["key"] in ("access_key", "secret_key", "gpg_passphrase"):
-                            print_value = ("%s...%d_chars...%s") % (data["value"][:2], len(data["value"]) - 3, data["value"][-1:])
-                        else:
-                            print_value = data["value"]
-                        debug("env_Config: %s->%s" % (data["key"], print_value))
+            error("%d accessing credentials file %s" % (e.errno,os.environ['AWS_CREDENTIAL_FILE']))
+        except (configparser.NoOptionError, configparser.NoSectionError) as e:
+            error(e)
 
     def option_list(self):
         retval = []