From 8660abaea26c014fff44ad15ced98f8c167900f9 Mon Sep 17 00:00:00 2001
From: Richard Caunt <richardcaunt@gmail.com>
Date: Tue, 7 Nov 2017 21:20:02 +0000
Subject: [PATCH] Use jsoncpp to parse AWS JSON

---
 configure.ac | 10 +++++-----
 src/curl.cpp | 32 +++++++++++++++++++++++++++++---
 src/curl.h   |  1 +
 3 files changed, 35 insertions(+), 8 deletions(-)

diff --git a/configure.ac b/configure.ac
index 1537370..9a2349f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -176,13 +176,13 @@ dnl
 dnl For PKG_CONFIG before checking nss/gnutls.
 dnl this is redundant checking, but we need checking before following.
 dnl
-PKG_CHECK_MODULES([common_lib_checking], [fuse >= ${min_fuse_version} libcurl >= 7.0 libxml-2.0 >= 2.6])
+PKG_CHECK_MODULES([common_lib_checking], [fuse >= ${min_fuse_version} libcurl >= 7.0 libxml-2.0 >= 2.6 jsoncpp >= 1.7])
 
 AC_MSG_CHECKING([compile s3fs with])
 case "${auth_lib}" in
 openssl)
   AC_MSG_RESULT(OpenSSL)
-  PKG_CHECK_MODULES([DEPS], [fuse >= ${min_fuse_version} libcurl >= 7.0 libxml-2.0 >= 2.6 libcrypto >= 0.9])
+  PKG_CHECK_MODULES([DEPS], [fuse >= ${min_fuse_version} libcurl >= 7.0 libxml-2.0 >= 2.6 libcrypto >= 0.9 jsoncpp >= 1.7])
   ;;
 gnutls)
   AC_MSG_RESULT(GnuTLS-gcrypt)
@@ -191,7 +191,7 @@ gnutls)
   AS_IF([test "$gnutls_nettle" = ""], [AC_CHECK_LIB(gcrypt, gcry_control, [gnutls_nettle=0])])
   AS_IF([test $gnutls_nettle = 0],
     [
-      PKG_CHECK_MODULES([DEPS], [fuse >= ${min_fuse_version} libcurl >= 7.0 libxml-2.0 >= 2.6 gnutls >= 2.12.0 ])
+      PKG_CHECK_MODULES([DEPS], [fuse >= ${min_fuse_version} libcurl >= 7.0 libxml-2.0 >= 2.6 gnutls >= 2.12.0 jsoncpp >= 1.7 ])
       LIBS="-lgnutls -lgcrypt $LIBS"
       AC_MSG_CHECKING([gnutls is build with])
       AC_MSG_RESULT(gcrypt)
@@ -205,7 +205,7 @@ nettle)
   AS_IF([test "$gnutls_nettle" = ""], [AC_CHECK_LIB(nettle, nettle_MD5Init, [gnutls_nettle=1])])
   AS_IF([test $gnutls_nettle = 1],
     [
-      PKG_CHECK_MODULES([DEPS], [fuse >= ${min_fuse_version} libcurl >= 7.0 libxml-2.0 >= 2.6 nettle >= 2.7.1 ])
+      PKG_CHECK_MODULES([DEPS], [fuse >= ${min_fuse_version} libcurl >= 7.0 libxml-2.0 >= 2.6 nettle >= 2.7.1 jsoncpp >= 1.7 ])
       LIBS="-lgnutls -lnettle $LIBS"
       AC_MSG_CHECKING([gnutls is build with])
       AC_MSG_RESULT(nettle)
@@ -214,7 +214,7 @@ nettle)
   ;;
 nss)
   AC_MSG_RESULT(NSS)
-  PKG_CHECK_MODULES([DEPS], [fuse >= ${min_fuse_version} libcurl >= 7.0 libxml-2.0 >= 2.6 nss >= 3.15.0 ])
+  PKG_CHECK_MODULES([DEPS], [fuse >= ${min_fuse_version} libcurl >= 7.0 libxml-2.0 >= 2.6 nss >= 3.15.0 jsoncpp >= 1.7 ])
   ;;
 *)
   AC_MSG_ERROR([unknown ssl library type.])
diff --git a/src/curl.cpp b/src/curl.cpp
index 5b268cb..a22cfc4 100644
--- a/src/curl.cpp
+++ b/src/curl.cpp
@@ -41,6 +41,8 @@
 #include <algorithm>
 #include <list>
 #include <vector>
+#include <json/json.h>
+#include <json/reader.h>
 
 #include "common.h"
 #include "curl.h"
@@ -1414,7 +1416,6 @@ bool S3fsCurl::ParseIAMCredentialResponse(const char* response, iamcredmap_t& ke
     }else if(string::npos != (pos = oneline.find(IAMCRED_EXPIRATION))){
       key = IAMCRED_EXPIRATION;
     }else{
-      S3FS_PRN_INFO3("Unknown key");
       continue;
     }
     if(string::npos == (pos = oneline.find(':', pos + key.length()))){
@@ -1428,19 +1429,44 @@ bool S3fsCurl::ParseIAMCredentialResponse(const char* response, iamcredmap_t& ke
       continue;
     }
     val = oneline.substr(0, pos);
-    S3FS_PRN_INFO3("keyval: %s - %s", key, val);
+    
     keyval[key] = val;
   }
   return true;
 }
 
+bool S3fsCurl::ParseIAMCredentialResponseV2(const char* response, iamcredmap_t& keyval)
+{
+  if(!response){
+    return false;
+  }
+
+  Json::Value root;
+  Json::Reader reader;
+
+  if (!reader.parse(response, root)) {
+    return false;
+  }
+
+  keyval[string(IAMCRED_ACCESSKEYID)] = root.get(IAMCRED_ACCESSKEYID, "").asString();
+  keyval[string(IAMCRED_SECRETACCESSKEY)] = root.get(IAMCRED_SECRETACCESSKEY, "").asString();
+  keyval[string(IAMCRED_ACCESSTOKEN)] = root.get(IAMCRED_ACCESSTOKEN, "").asString();
+  keyval[string(IAMCRED_EXPIRATION)] = root.get(IAMCRED_EXPIRATION, "").asString();
+
+  if (S3fsCurl::is_ecs) {
+    keyval[string(IAMCRED_ROLEARN)] = root.get(IAMCRED_ROLEARN, "").asString();
+  }
+
+  return true;
+}
+
 bool S3fsCurl::SetIAMCredentials(const char* response)
 {
   S3FS_PRN_INFO3("IAM credential response = \"%s\"", response);
 
   iamcredmap_t keyval;
 
-  if(!ParseIAMCredentialResponse(response, keyval)){
+  if(!ParseIAMCredentialResponseV2(response, keyval)){
     return false;
   }
   S3FS_PRN_INFO3("Parsed");
diff --git a/src/curl.h b/src/curl.h
index f9d35bc..c0e1990 100644
--- a/src/curl.h
+++ b/src/curl.h
@@ -299,6 +299,7 @@ class S3fsCurl
     static S3fsCurl* ParallelGetObjectRetryCallback(S3fsCurl* s3fscurl);
 
     static bool ParseIAMCredentialResponse(const char* response, iamcredmap_t& keyval);
+    static bool ParseIAMCredentialResponseV2(const char* response, iamcredmap_t& keyval);
     static bool SetIAMCredentials(const char* response);
     static bool ParseIAMRoleFromMetaDataResponse(const char* response, std::string& rolename);
     static bool SetIAMRoleFromMetaData(const char* response);