feat: support OIDC credentials provider into default credentials prov…

…ider chain.

aliyun-net-sdk-core/Auth/Provider/DefaultCredentialProvider.cs

@@ -39,6 +39,8 @@ public class DefaultCredentialProvider
         private string regionId;
         private string roleArn;
         private string roleName;
+        private string oidcProviderArn;
+        private string oidcTokenFile;
 
         public DefaultCredentialProvider()
         {
@@ -55,6 +57,9 @@ AlibabaCloudCredentialsProvider alibabaCloudCredentialProvider
             credentialFileLocation = EnvironmentUtil.GetEnvironmentCredentialFile();
             roleName = EnvironmentUtil.GetEnvironmentRoleName();
             defaultProfile = profile;
+            roleArn = EnvironmentUtil.GetEnvironmentRoleArn();
+            oidcProviderArn = EnvironmentUtil.GetEnvironmentOIDCProviderArn();
+            oidcTokenFile = EnvironmentUtil.GetEnvironmentOIDCTokenFile();
             this.alibabaCloudCredentialProvider = alibabaCloudCredentialProvider;
         }
 
@@ -75,6 +80,7 @@ AlibabaCloudCredentialsProvider alibabaCloudCredentialsProvider
         public AlibabaCloudCredentials GetAlibabaCloudClientCredential()
         {
             var credential = GetEnvironmentAlibabaCloudCredential() ??
+                             GetOIDCAlibabaCloudCredentials() ??
                              GetCredentialFileAlibabaCloudCredential() ??
                              GetInstanceRamRoleAlibabaCloudCredential();
 
@@ -86,6 +92,15 @@ public AlibabaCloudCredentials GetAlibabaCloudClientCredential()
             return credential;
         }
 
+        public AlibabaCloudCredentials GetOIDCAlibabaCloudCredentials()
+        {
+            if (string.IsNullOrEmpty(oidcProviderArn) || string.IsNullOrEmpty(roleArn) || string.IsNullOrEmpty(oidcTokenFile))
+            {
+                return null;
+            }
+            return new OIDCCredentialsProvider(roleArn, oidcProviderArn, oidcTokenFile, "java-sdk-v1-default-rsn", null).GetCredentials();
+        }
+
         public AlibabaCloudCredentials GetEnvironmentAlibabaCloudCredential()
         {
             if (null == accessKeyId || null == accessKeySecret)

aliyun-net-sdk-core/Utils/EnvironmentUtil.cs

@@ -28,6 +28,9 @@ public class EnvironmentUtil
         private static readonly string ENV_REGION_ID = "ALIBABA_CLOUD_REGION_ID";
         private static readonly string ENV_CREDENTIAL_FILE = "ALIBABA_CLOUD_CREDENTIALS_FILE";
         private static readonly string ENV_ROLE_NAME = "ALIBABA_CLOUD_ECS_METADATA";
+        private static readonly string ENV_ROLE_ARN = "ALIBABA_CLOUD_ROLE_ARN";
+        private static readonly string ENV_OIDC_PROVIDER_ARN = "ALIBABA_CLOUD_OIDC_PROVIDER_ARN";
+        private static readonly string ENV_OIDC_TOKEN_FILE = "ALIBABA_CLOUD_OIDC_TOKEN_FILE";
 
         public static string GetHomePath()
         {
@@ -68,6 +71,21 @@ public static string GetEnvironmentRoleName()
             return Environment.GetEnvironmentVariable(ENV_ROLE_NAME) ?? null;
         }
 
+        public static string GetEnvironmentRoleArn()
+        {
+            return Environment.GetEnvironmentVariable(ENV_ROLE_ARN) ?? null;
+        }
+
+        public static string GetEnvironmentOIDCProviderArn()
+        {
+            return Environment.GetEnvironmentVariable(ENV_OIDC_PROVIDER_ARN) ?? null;
+        }
+
+        public static string GetEnvironmentOIDCTokenFile()
+        {
+            return Environment.GetEnvironmentVariable(ENV_OIDC_TOKEN_FILE) ?? null;
+        }
+
         public static string GetComposedPath(string homePath, string slash)
         {
             return homePath + slash + ".alibabacloud" + slash + "credentials.ini";