Make follow up changes from PR 4396

core/auth/src/main/java/software/amazon/awssdk/auth/signer/S3SignerExecutionAttribute.java

@@ -90,8 +90,8 @@ private static <T extends Identity> SelectedAuthScheme<?> enableChunkedEncodingW
                                                                                                 Boolean enableChunkedEncoding) {
         if (authScheme == null) {
             // This is an unusual use-case.
-            // Let's assume they're setting normalize-path so that they can call the signer directly. If that's true, then it
-            // doesn't really matter what we store other than normalize-path.
+            // Let's assume they're setting chunked-encoding so that they can call the signer directly. If that's true, then it
+            // doesn't really matter what we store other than chunked-encoding.
             return new SelectedAuthScheme<>(CompletableFuture.completedFuture(new UnsetIdentity()),
                                             new UnsetHttpSigner(),
                                             AuthSchemeOption.builder()

core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/SigningStage.java

@@ -29,7 +29,6 @@
 import software.amazon.awssdk.core.internal.http.InterruptMonitor;
 import software.amazon.awssdk.core.internal.http.RequestExecutionContext;
 import software.amazon.awssdk.core.internal.http.pipeline.RequestToRequestPipeline;
-import software.amazon.awssdk.core.internal.http.pipeline.stages.utils.SignerOverrideUtils;
 import software.amazon.awssdk.core.internal.util.MetricUtils;
 import software.amazon.awssdk.core.metrics.CoreMetric;
 import software.amazon.awssdk.core.signer.AsyncRequestBodySigner;
@@ -64,13 +63,11 @@ public SigningStage(HttpClientDependencies dependencies) {
     @Override
     public SdkHttpFullRequest execute(SdkHttpFullRequest request, RequestExecutionContext context) throws Exception {
         InterruptMonitor.checkInterrupted();
-        if (shouldDoSraSigning(context)) {
-            SelectedAuthScheme<?> selectedAuthScheme = context
-                .executionAttributes()
-                .getAttribute(SdkInternalExecutionAttribute.SELECTED_AUTH_SCHEME);
-            return sraSignRequest(request,
-                                  context,
-                                  selectedAuthScheme);
+
+        SelectedAuthScheme<?> selectedAuthScheme =
+            context.executionAttributes().getAttribute(SdkInternalExecutionAttribute.SELECTED_AUTH_SCHEME);
+        if (shouldDoSraSigning(context, selectedAuthScheme)) {
+            return sraSignRequest(request, context, selectedAuthScheme);
         }
         return signRequest(request, context);
     }
@@ -169,9 +166,8 @@ private void updateHttpRequestInInterceptorContext(SdkHttpFullRequest request, E
     }
 
     /**
-     * We sign if a signer is provided is not null.
-     *
-     * @return True if request should be signed, false if not.
+     * We sign if it isn't auth=none. This attribute is no longer set in the SRA, so this exists only for old clients. In
+     * addition to this, old clients only set this to false, never true. So, we have to treat null as true.
      */
     private boolean shouldSign(ExecutionAttributes attributes, Signer signer) {
         return signer != null &&
@@ -180,13 +176,9 @@ private boolean shouldSign(ExecutionAttributes attributes, Signer signer) {
 
     /**
      * Returns true if we should use SRA signing logic.
-     * If there is a SELECTED_AUTH_SCHEME, it implies it's a newly (with SRA) generated clients.
-     * If Signer is overridden, with either old or new clients, it still means it's using pre SRA interfaces, so falls back to
-     * pre SRA signing logic.
      */
-    private boolean shouldDoSraSigning(RequestExecutionContext context) {
-        return !SignerOverrideUtils.isSignerOverridden(context)
-               && context.executionAttributes().getAttribute(SdkInternalExecutionAttribute.SELECTED_AUTH_SCHEME) != null;
+    private boolean shouldDoSraSigning(RequestExecutionContext context, SelectedAuthScheme<?> selectedAuthScheme) {
+        return context.signer() == null && selectedAuthScheme != null;
     }
 
     /**