ai_v/venv/Lib/site-packages/alibabacloud_credentials/provider/profile.py

import os
import configparser
from typing import Dict

import aiofiles

from alibabacloud_credentials.provider import StaticAKCredentialsProvider, EcsRamRoleCredentialsProvider, \
    RamRoleArnCredentialsProvider, OIDCRoleArnCredentialsProvider, RsaKeyPairCredentialsProvider
from alibabacloud_credentials.provider.refreshable import Credentials
from alibabacloud_credentials_api import ICredentialsProvider
from alibabacloud_credentials.utils import auth_constant as ac
from alibabacloud_credentials.utils import auth_util as au
from alibabacloud_credentials.exceptions import CredentialException


async def _load_ini_async(file_path: str) -> Dict[str, Dict[str, str]]:
    config = configparser.ConfigParser()
    async with aiofiles.open(file_path, mode='r') as f:
        content = await f.read()
    config.read_string(content)
    ini_map = {}
    for section in config.sections():
        option = {}
        for key, value in config.items(section):
            if '#' in value:
                option[key] = value.split('#')[0].strip()
            else:
                option[key] = value.strip()
        ini_map[section] = option
    return ini_map


def _load_ini(file_path: str) -> Dict[str, Dict[str, str]]:
    config = configparser.ConfigParser()
    config.read(file_path, encoding='utf-8')
    ini_map = {}
    for section in config.sections():
        option = {}
        for key, value in config.items(section):
            if '#' in value:
                option[key] = value.split('#')[0].strip()
            else:
                option[key] = value.strip()
        ini_map[section] = option
    return ini_map


def _get_default_file() -> str:
    return os.path.join(ac.HOME, ".alibabacloud/credentials.ini")


class ProfileCredentialsProvider(ICredentialsProvider):

    def __init__(self, *,
                 profile_file: str = None,
                 profile_name: str = None):
        self._profile_file = profile_file or au.environment_credentials_file
        self._profile_name = profile_name or au.client_type
        self.__innerProvider = None

        if self._profile_file is None or self._profile_file == '':
            self._profile_file = _get_default_file()

    def _should_reload_credentials_provider(self) -> bool:
        if self.__innerProvider is None:
            return True
        return False

    def get_credentials(self) -> Credentials:
        if self._should_reload_credentials_provider():
            ini_map = _load_ini(self._profile_file)
            section = ini_map.get(self._profile_name)
            if section is None:
                raise CredentialException(f'failed to get credential from credentials file: ${self._profile_file}')
            self.__innerProvider = self._get_credentials_provider(section)

        cre = self.__innerProvider.get_credentials()
        credentials = Credentials(
            access_key_id=cre.get_access_key_id(),
            access_key_secret=cre.get_access_key_secret(),
            security_token=cre.get_security_token(),
            provider_name=f'{self.get_provider_name()}/{cre.get_provider_name()}'
        )
        return credentials

    async def get_credentials_async(self) -> Credentials:
        if self._should_reload_credentials_provider():
            ini_map = await _load_ini_async(self._profile_file)
            section = ini_map.get(self._profile_name)
            if section is None:
                raise CredentialException(f'failed to get credential from credentials file: ${self._profile_file}')
            self.__innerProvider = self._get_credentials_provider(section)

        cre = await self.__innerProvider.get_credentials_async()
        credentials = Credentials(
            access_key_id=cre.get_access_key_id(),
            access_key_secret=cre.get_access_key_secret(),
            security_token=cre.get_security_token(),
            provider_name=f'{self.get_provider_name()}/{cre.get_provider_name()}'
        )
        return credentials

    def _get_credentials_provider(self, section: Dict) -> ICredentialsProvider:

        config_type = section.get(ac.INI_TYPE)
        if 'access_key' == config_type:
            return StaticAKCredentialsProvider(
                access_key_id=section.get('access_key_id'),
                access_key_secret=section.get('access_key_secret')
            )
        elif 'ram_role_arn' == config_type:
            pre_provider = StaticAKCredentialsProvider(
                access_key_id=section.get('access_key_id'),
                access_key_secret=section.get('access_key_secret')
            )
            return RamRoleArnCredentialsProvider(
                credentials_provider=pre_provider,
                role_arn=section.get('role_arn'),
                role_session_name=section.get('role_session_name'),
                policy=section.get('policy')
            )
        elif 'oidc_role_arn' == config_type:
            return OIDCRoleArnCredentialsProvider(
                role_arn=section.get('role_arn'),
                oidc_provider_arn=section.get('oidc_provider_arn'),
                oidc_token_file_path=section.get('oidc_token_file_path'),
                role_session_name=section.get('role_session_name'),
                policy=section.get('policy')
            )
        elif 'ecs_ram_role' == config_type:
            return EcsRamRoleCredentialsProvider(
                role_name=section.get('role_name')
            )
        elif 'rsa_key_pair' == config_type:
            return RsaKeyPairCredentialsProvider(
                public_key_id=section.get('public_key_id'),
                private_key_file=section.get('private_key_file')
            )
        else:
            raise CredentialException(
                f'unsupported credential type {config_type} from credentials file {self._profile_file}')

    def get_provider_name(self) -> str:
        return 'profile'
feat(api): 实现图像生成及后台同步功能 - 新增图像生成接口，支持试用、积分和自定义API Key模式 - 实现生成图片结果异步上传至MinIO存储，带重试机制 - 优化积分预扣除和异常退还逻辑，保障用户积分准确 - 添加获取生成历史记录接口，支持时间范围和分页 - 提供本地字典配置接口，支持模型、比例、提示模板和尺寸 - 实现图片批量上传接口，支持S3兼容对象存储 feat(admin): 增加管理员角色管理与权限分配接口 - 实现角色列表查询、角色创建、更新及删除功能 - 增加权限列表查询接口 - 实现用户角色分配接口，便于统一管理用户权限 - 增加系统字典增删查改接口，支持分类过滤和排序 - 权限控制全面覆盖管理接口，保证安全访问 feat(auth): 完善用户登录注册及权限相关接口与页面 - 实现手机号验证码发送及校验功能，保障注册安全 - 支持手机号注册、登录及退出接口，集成日志记录 - 增加修改密码功能，验证原密码后更新 - 提供动态导航菜单接口，基于权限展示不同菜单 - 实现管理界面路由及日志、角色、字典管理页面访问权限控制 - 添加系统日志查询接口，支持关键词和等级筛选 feat(app): 初始化Flask应用并配置蓝图与数据库 - 创建应用程序工厂，加载配置，初始化数据库和Redis客户端 - 注册认证、API及管理员蓝图，整合路由 - 根路由渲染主页模板 - 应用上下文中自动创建数据库表，保证运行环境准备完毕 feat(database): 提供数据库创建与迁移支持脚本 - 新增数据库创建脚本，支持自动检测是否已存在 - 添加数据库表初始化脚本，支持创建和删除所有表 - 实现RBAC权限初始化，包含基础权限和角色创建 - 新增字段手动修复脚本，添加用户API Key和积分字段 - 强制迁移脚本支持清理连接和修复表结构，初始化默认数据及角色分配 feat(config): 新增系统配置参数 - 配置数据库、Redis、Session和MinIO相关参数 - 添加AI接口地址及试用Key配置 - 集成阿里云短信服务配置及开发模式相关参数 feat(extensions): 初始化数据库、Redis和MinIO客户端 - 创建全局SQLAlchemy数据库实例和Redis客户端 - 配置基于boto3的MinIO兼容S3客户端 chore(logs): 添加示例系统日志文件 - 记录用户请求、验证码发送成功与失败的日志信息 2026-01-12 00:53:31 +08:00			`import os`
			`import configparser`
			`from typing import Dict`

			`import aiofiles`

			`from alibabacloud_credentials.provider import StaticAKCredentialsProvider, EcsRamRoleCredentialsProvider, \`
			`RamRoleArnCredentialsProvider, OIDCRoleArnCredentialsProvider, RsaKeyPairCredentialsProvider`
			`from alibabacloud_credentials.provider.refreshable import Credentials`
			`from alibabacloud_credentials_api import ICredentialsProvider`
			`from alibabacloud_credentials.utils import auth_constant as ac`
			`from alibabacloud_credentials.utils import auth_util as au`
			`from alibabacloud_credentials.exceptions import CredentialException`


			`async def _load_ini_async(file_path: str) -> Dict[str, Dict[str, str]]:`
			`config = configparser.ConfigParser()`
			`async with aiofiles.open(file_path, mode='r') as f:`
			`content = await f.read()`
			`config.read_string(content)`
			`ini_map = {}`
			`for section in config.sections():`
			`option = {}`
			`for key, value in config.items(section):`
			`if '#' in value:`
			`option[key] = value.split('#')[0].strip()`
			`else:`
			`option[key] = value.strip()`
			`ini_map[section] = option`
			`return ini_map`


			`def _load_ini(file_path: str) -> Dict[str, Dict[str, str]]:`
			`config = configparser.ConfigParser()`
			`config.read(file_path, encoding='utf-8')`
			`ini_map = {}`
			`for section in config.sections():`
			`option = {}`
			`for key, value in config.items(section):`
			`if '#' in value:`
			`option[key] = value.split('#')[0].strip()`
			`else:`
			`option[key] = value.strip()`
			`ini_map[section] = option`
			`return ini_map`


			`def _get_default_file() -> str:`
			`return os.path.join(ac.HOME, ".alibabacloud/credentials.ini")`


			`class ProfileCredentialsProvider(ICredentialsProvider):`

			`def __init__(self, *,`
			`profile_file: str = None,`
			`profile_name: str = None):`
			`self._profile_file = profile_file or au.environment_credentials_file`
			`self._profile_name = profile_name or au.client_type`
			`self.__innerProvider = None`

			`if self._profile_file is None or self._profile_file == '':`
			`self._profile_file = _get_default_file()`

			`def _should_reload_credentials_provider(self) -> bool:`
			`if self.__innerProvider is None:`
			`return True`
			`return False`

			`def get_credentials(self) -> Credentials:`
			`if self._should_reload_credentials_provider():`
			`ini_map = _load_ini(self._profile_file)`
			`section = ini_map.get(self._profile_name)`
			`if section is None:`
			`raise CredentialException(f'failed to get credential from credentials file: ${self._profile_file}')`
			`self.__innerProvider = self._get_credentials_provider(section)`

			`cre = self.__innerProvider.get_credentials()`
			`credentials = Credentials(`
			`access_key_id=cre.get_access_key_id(),`
			`access_key_secret=cre.get_access_key_secret(),`
			`security_token=cre.get_security_token(),`
			`provider_name=f'{self.get_provider_name()}/{cre.get_provider_name()}'`
			`)`
			`return credentials`

			`async def get_credentials_async(self) -> Credentials:`
			`if self._should_reload_credentials_provider():`
			`ini_map = await _load_ini_async(self._profile_file)`
			`section = ini_map.get(self._profile_name)`
			`if section is None:`
			`raise CredentialException(f'failed to get credential from credentials file: ${self._profile_file}')`
			`self.__innerProvider = self._get_credentials_provider(section)`

			`cre = await self.__innerProvider.get_credentials_async()`
			`credentials = Credentials(`
			`access_key_id=cre.get_access_key_id(),`
			`access_key_secret=cre.get_access_key_secret(),`
			`security_token=cre.get_security_token(),`
			`provider_name=f'{self.get_provider_name()}/{cre.get_provider_name()}'`
			`)`
			`return credentials`

			`def _get_credentials_provider(self, section: Dict) -> ICredentialsProvider:`

			`config_type = section.get(ac.INI_TYPE)`
			`if 'access_key' == config_type:`
			`return StaticAKCredentialsProvider(`
			`access_key_id=section.get('access_key_id'),`
			`access_key_secret=section.get('access_key_secret')`
			`)`
			`elif 'ram_role_arn' == config_type:`
			`pre_provider = StaticAKCredentialsProvider(`
			`access_key_id=section.get('access_key_id'),`
			`access_key_secret=section.get('access_key_secret')`
			`)`
			`return RamRoleArnCredentialsProvider(`
			`credentials_provider=pre_provider,`
			`role_arn=section.get('role_arn'),`
			`role_session_name=section.get('role_session_name'),`
			`policy=section.get('policy')`
			`)`
			`elif 'oidc_role_arn' == config_type:`
			`return OIDCRoleArnCredentialsProvider(`
			`role_arn=section.get('role_arn'),`
			`oidc_provider_arn=section.get('oidc_provider_arn'),`
			`oidc_token_file_path=section.get('oidc_token_file_path'),`
			`role_session_name=section.get('role_session_name'),`
			`policy=section.get('policy')`
			`)`
			`elif 'ecs_ram_role' == config_type:`
			`return EcsRamRoleCredentialsProvider(`
			`role_name=section.get('role_name')`
			`)`
			`elif 'rsa_key_pair' == config_type:`
			`return RsaKeyPairCredentialsProvider(`
			`public_key_id=section.get('public_key_id'),`
			`private_key_file=section.get('private_key_file')`
			`)`
			`else:`
			`raise CredentialException(`
			`f'unsupported credential type {config_type} from credentials file {self._profile_file}')`

			`def get_provider_name(self) -> str:`
			`return 'profile'`