diff --git a/pkg/stsClient/stsClient.go b/pkg/stsClient/stsClient.go index 75749ba6..b8a2c2dc 100644 --- a/pkg/stsClient/stsClient.go +++ b/pkg/stsClient/stsClient.go @@ -54,7 +54,7 @@ func NewSTSClient(userAccessKeyID, userSecretAccessKey, regionID string) (*clien } func (s *Sts) GetSTSClient(clientIdentifier, userAccessKeyID, userSecret, regionID string) (*client.Client, error) { - if c, ok := s.clients[clientIdentifier]; ok { + if c, ok := s.clients[clientIdentifier]; ok && s.IsSTSTokenValid(clientIdentifier) { return c.client, nil } diff --git a/plugins/providers/maxcompute/provider.go b/plugins/providers/maxcompute/provider.go index a5f12123..01e667cc 100644 --- a/plugins/providers/maxcompute/provider.go +++ b/plugins/providers/maxcompute/provider.go @@ -458,10 +458,8 @@ func (p *provider) getRamRoleAndStsClientID(clientType string, creds *credential } func (p *provider) getCachedOdpsClient(ramRole, stsClientID, urn string) (*odps.Odps, bool) { - if c, ok := p.odpsClients[ramRole]; ok { - if c.stsClientExist && p.sts.IsSTSTokenValid(stsClientID) { - return c.client, true - } + c, ok := p.odpsClients[ramRole] + if ramRole != "" && ok && c.stsClientExist && p.sts.IsSTSTokenValid(stsClientID) { return c.client, true } @@ -474,7 +472,7 @@ func (p *provider) getCachedOdpsClient(ramRole, stsClientID, urn string) (*odps. func (p *provider) getCachedRestClient(ramRole, stsClientID, urn string) (*maxcompute.Client, bool) { c, ok := p.restClients[ramRole] - if ok && c.stsClientExist && p.sts.IsSTSTokenValid(stsClientID) { + if ramRole != "" && ok && c.stsClientExist && p.sts.IsSTSTokenValid(stsClientID) { return c.client, true } diff --git a/plugins/providers/oss/provider.go b/plugins/providers/oss/provider.go index 80f49c0e..50cf1824 100644 --- a/plugins/providers/oss/provider.go +++ b/plugins/providers/oss/provider.go @@ -432,10 +432,8 @@ func (p *provider) getOSSClient(pc *domain.ProviderConfig, ramRole string) (*oss } func (p *provider) getCachedOSSClient(ramRole, stsClientID, urn string) (*oss.Client, bool) { - if c, ok := p.ossClients[ramRole]; ok { - if c.stsClientExist && p.sts.IsSTSTokenValid(stsClientID) { - return c.client, true - } + c, ok := p.ossClients[ramRole] + if ramRole != "" && ok && c.stsClientExist && p.sts.IsSTSTokenValid(stsClientID) { return c.client, true }