From 39ea50018402e07271639a5df02aa9b84e36ea04 Mon Sep 17 00:00:00 2001 From: Zoe Wang <33073555+zoewangg@users.noreply.github.com> Date: Tue, 26 Sep 2023 09:58:39 -0700 Subject: [PATCH] Set TIME_OFFSET attribtue in SRA signin methods --- .../http/pipeline/stages/AsyncSigningStage.java | 1 + .../internal/http/pipeline/stages/SigningStage.java | 1 + .../http/pipeline/stages/AsyncSigningStageTest.java | 12 ++++++++++++ .../http/pipeline/stages/SigningStageTest.java | 9 +++++++++ 4 files changed, 23 insertions(+) diff --git a/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/AsyncSigningStage.java b/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/AsyncSigningStage.java index 383faa200603..e673219735d8 100644 --- a/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/AsyncSigningStage.java +++ b/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/AsyncSigningStage.java @@ -76,6 +76,7 @@ private CompletableFuture sraSignReques RequestExecutionContext context, SelectedAuthScheme selectedAuthScheme) { updateHttpRequestInInterceptorContext(request, context.executionContext()); + adjustForClockSkew(context.executionAttributes()); CompletableFuture identityFuture = selectedAuthScheme.identity(); return identityFuture.thenCompose(identity -> { CompletableFuture signedRequestFuture = MetricUtils.reportDuration( diff --git a/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/SigningStage.java b/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/SigningStage.java index e755a3c07ab7..bff81eac7c6a 100644 --- a/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/SigningStage.java +++ b/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/SigningStage.java @@ -76,6 +76,7 @@ private SdkHttpFullRequest sraSignRequest(SdkHttpFullReques RequestExecutionContext context, SelectedAuthScheme selectedAuthScheme) { updateHttpRequestInInterceptorContext(request, context.executionContext()); + adjustForClockSkew(context.executionAttributes()); CompletableFuture identityFuture = selectedAuthScheme.identity(); T identity = CompletableFutureUtils.joinLikeSync(identityFuture); diff --git a/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/pipeline/stages/AsyncSigningStageTest.java b/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/pipeline/stages/AsyncSigningStageTest.java index cb2a6bc46911..babc64483ff8 100644 --- a/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/pipeline/stages/AsyncSigningStageTest.java +++ b/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/pipeline/stages/AsyncSigningStageTest.java @@ -123,6 +123,8 @@ public void execute_selectedAuthScheme_nullSigner_doesSraSign() throws Exception SdkHttpFullRequest request = ValidSdkObjects.sdkHttpFullRequest().build(); SdkHttpFullRequest result = stage.execute(request, context).join(); + assertThat(context.executionAttributes().getAttribute(TIME_OFFSET)) + .isEqualTo(httpClientDependencies.timeOffset()); assertThat(result).isSameAs(signedRequest); // assert that interceptor context is updated with result @@ -172,6 +174,8 @@ public void execute_selectedAuthScheme_nullSigner_timeOffsetSet_doesSraSignAndAd httpClientDependencies.updateTimeOffset(TEST_TIME_OFFSET); SdkHttpFullRequest request = ValidSdkObjects.sdkHttpFullRequest().build(); SdkHttpFullRequest result = stage.execute(request, context).join(); + assertThat(context.executionAttributes().getAttribute(TIME_OFFSET)) + .isEqualTo(httpClientDependencies.timeOffset()); assertThat(result).isSameAs(signedRequest); // assert that interceptor context is updated with result @@ -222,6 +226,8 @@ public void execute_selectedAuthScheme_nullSigner_doesSraSignAndDoesNotOverrideA SdkHttpFullRequest request = ValidSdkObjects.sdkHttpFullRequest().build(); SdkHttpFullRequest result = stage.execute(request, context).join(); + assertThat(context.executionAttributes().getAttribute(TIME_OFFSET)) + .isEqualTo(httpClientDependencies.timeOffset()); assertThat(result).isSameAs(signedRequest); // assert that interceptor context is updated with result @@ -273,6 +279,8 @@ public void execute_selectedAuthScheme_asyncRequestBody_doesSraSignAsync() throw SdkHttpFullRequest request = ValidSdkObjects.sdkHttpFullRequest().build(); SdkHttpFullRequest result = stage.execute(request, context).join(); + assertThat(context.executionAttributes().getAttribute(TIME_OFFSET)) + .isEqualTo(httpClientDependencies.timeOffset()); assertThat(result).isSameAs(signedRequest); // assert that contexts are updated with result @@ -323,6 +331,8 @@ public void execute_selectedNoAuthAuthScheme_nullSigner_doesSraSign() throws Exc SdkHttpFullRequest request = ValidSdkObjects.sdkHttpFullRequest().build(); SdkHttpFullRequest result = stage.execute(request, context).join(); + assertThat(context.executionAttributes().getAttribute(TIME_OFFSET)) + .isEqualTo(httpClientDependencies.timeOffset()); assertThat(result).isSameAs(signedRequest); // assert that contexts are updated with result @@ -472,6 +482,8 @@ public void execute_nullSelectedAuthScheme_signer_usesTimeOffset() throws Except when(oldSigner.sign(request, context.executionAttributes().copy().putAttribute(TIME_OFFSET, 100))).thenReturn(signedRequest); SdkHttpFullRequest result = stage.execute(request, context).join(); + assertThat(context.executionAttributes().getAttribute(TIME_OFFSET)) + .isEqualTo(httpClientDependencies.timeOffset()); assertThat(result).isSameAs(signedRequest); // assert that interceptor context is updated with result diff --git a/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/pipeline/stages/SigningStageTest.java b/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/pipeline/stages/SigningStageTest.java index aedcb022a476..a24ea3de220f 100644 --- a/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/pipeline/stages/SigningStageTest.java +++ b/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/pipeline/stages/SigningStageTest.java @@ -45,6 +45,7 @@ import software.amazon.awssdk.core.http.ExecutionContext; import software.amazon.awssdk.core.interceptor.ExecutionAttributes; import software.amazon.awssdk.core.interceptor.InterceptorContext; +import software.amazon.awssdk.core.interceptor.SdkExecutionAttribute; import software.amazon.awssdk.core.internal.http.HttpClientDependencies; import software.amazon.awssdk.core.internal.http.RequestExecutionContext; import software.amazon.awssdk.core.signer.Signer; @@ -115,6 +116,8 @@ public void execute_selectedAuthScheme_nullSigner_doesSraSign() throws Exception SdkHttpFullRequest request = ValidSdkObjects.sdkHttpFullRequest().build(); SdkHttpFullRequest result = stage.execute(request, context); + assertThat(context.executionAttributes().getAttribute(TIME_OFFSET)) + .isEqualTo(httpClientDependencies.timeOffset()); assertThat(result).isSameAs(signedRequest); // assert that interceptor context is updated with result @@ -159,6 +162,8 @@ public void execute_selectedAuthScheme_nullSigner_timeOffsetSet_doesSraSignAndAd SdkHttpFullRequest request = ValidSdkObjects.sdkHttpFullRequest().build(); SdkHttpFullRequest result = stage.execute(request, context); + assertThat(context.executionAttributes().getAttribute(TIME_OFFSET)) + .isEqualTo(httpClientDependencies.timeOffset()); assertThat(result).isSameAs(signedRequest); // Assert that interceptor context is updated with result @@ -206,6 +211,8 @@ public void execute_selectedAuthScheme_nullSigner_doesSraSignAndDoesNotOverrideA SdkHttpFullRequest request = ValidSdkObjects.sdkHttpFullRequest().build(); SdkHttpFullRequest result = stage.execute(request, context); + assertThat(context.executionAttributes().getAttribute(TIME_OFFSET)) + .isEqualTo(httpClientDependencies.timeOffset()); assertThat(result).isSameAs(signedRequest); // assert that interceptor context is updated with result @@ -247,6 +254,8 @@ public void execute_selectedNoAuthAuthScheme_nullSigner_doesSraSign() throws Exc SdkHttpFullRequest request = ValidSdkObjects.sdkHttpFullRequest().build(); SdkHttpFullRequest result = stage.execute(request, context); + assertThat(context.executionAttributes().getAttribute(TIME_OFFSET)) + .isEqualTo(httpClientDependencies.timeOffset()); assertThat(result).isSameAs(signedRequest); // assert that interceptor context is updated with result