Skip to content
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion .brazil.json
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,8 @@
"test-utils": { "skipImport": true },
"tests-coverage-reporting": { "skipImport": true },
"third-party": { "skipImport": true },
"third-party-slf4j-api": { "skipImport": true }
"third-party-slf4j-api": { "skipImport": true },
"crt-unavailable-tests": { "skipImport": true }
},

"dependencies": {
Expand Down
2 changes: 1 addition & 1 deletion buildspecs/release-javadoc.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ phases:
commands:
- python ./scripts/doc_crosslinks/generate_cross_link_data.py --apiDefinitionsBasePath ./services/ --apiDefinitionsRelativeFilePath src/main/resources/codegen-resources/service-2.json --templateFilePath ./scripts/doc_crosslinks/crosslink_redirect.html --outputFilePath ./scripts/crosslink_redirect.html
- mvn install -P quick -T1C
- mvn clean install javadoc:aggregate -B -Ppublic-javadoc -Dcheckstyle.skip -Dspotbugs.skip -DskipTests -Ddoclint=none -pl '!:protocol-tests,!:protocol-tests-core,!:codegen-generated-classes-test,!:sdk-benchmarks,!:s3-benchmarks,!:module-path-tests,!:test-utils,!:http-client-tests,!:tests-coverage-reporting,!:sdk-native-image-test,!:ruleset-testing-core,!:old-client-version-compatibility-test'
- mvn clean install javadoc:aggregate -B -Ppublic-javadoc -Dcheckstyle.skip -Dspotbugs.skip -DskipTests -Ddoclint=none -pl '!:protocol-tests,!:protocol-tests-core,!:codegen-generated-classes-test,!:sdk-benchmarks,!:s3-benchmarks,!:module-path-tests,!:test-utils,!:http-client-tests,!:tests-coverage-reporting,!:sdk-native-image-test,!:ruleset-testing-core,!:old-client-version-compatibility-test,!:crt-unavailable-tests'
- RELEASE_VERSION=`mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec`
-
- aws s3 sync target/site/apidocs/ $DOC_PATH/$RELEASE_VERSION/ --acl="public-read"
Expand Down
2 changes: 1 addition & 1 deletion buildspecs/release-to-maven.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ phases:
awk 'BEGIN { var=ENVIRON["SDK_SIGNING_GPG_KEYNAME"] } { gsub("\\$SDK_SIGNING_GPG_KEYNAME", var, $0); print }' > \
$SETTINGS_XML

mvn clean deploy -B -s $SETTINGS_XML -Ppublishing -DperformRelease -Dspotbugs.skip -DskipTests -Dcheckstyle.skip -Djapicmp.skip -Ddoclint=none -pl !:protocol-tests,!:protocol-tests-core,!:codegen-generated-classes-test,!:sdk-benchmarks,!:module-path-tests,!:tests-coverage-reporting,!:stability-tests,!:sdk-native-image-test,!:auth-tests,!:s3-benchmarks,!:region-testing,!:old-client-version-compatibility-test -DautoReleaseAfterClose=true -DstagingProgressTimeoutMinutes=30 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true
mvn clean deploy -B -s $SETTINGS_XML -Ppublishing -DperformRelease -Dspotbugs.skip -DskipTests -Dcheckstyle.skip -Djapicmp.skip -Ddoclint=none -pl !:protocol-tests,!:protocol-tests-core,!:codegen-generated-classes-test,!:sdk-benchmarks,!:module-path-tests,!:tests-coverage-reporting,!:stability-tests,!:sdk-native-image-test,!:auth-tests,!:s3-benchmarks,!:region-testing,!:old-client-version-compatibility-test,!:crt-unavailable-tests -DautoReleaseAfterClose=true -DstagingProgressTimeoutMinutes=30 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true
else
echo "This version was already released."
fi
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@
import software.amazon.awssdk.endpoints.EndpointProvider;
import software.amazon.awssdk.http.auth.spi.scheme.AuthScheme;
import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption;
import software.amazon.awssdk.http.auth.spi.signer.HttpSigner;
import software.amazon.awssdk.identity.spi.AwsCredentialsIdentity;
import software.amazon.awssdk.identity.spi.Identity;
import software.amazon.awssdk.identity.spi.IdentityProvider;
Expand Down Expand Up @@ -274,6 +275,22 @@ private MethodSpec generateTrySelectAuthScheme() {
.endControlFlow();
}

builder.addStatement("$T signer",
ParameterizedTypeName.get(ClassName.get(HttpSigner.class), TypeVariableName.get("T")));
builder.beginControlFlow("try");
{
builder.addStatement("signer = authScheme.signer()");
builder.endControlFlow();
}
builder.beginControlFlow("catch (RuntimeException e)");
Comment thread
dagnir marked this conversation as resolved.
Outdated
{
builder.addStatement("discardedReasons.add(() -> String.format($S, authOption.schemeId(), e.getMessage()))",
"'%s' signer could not be retrieved: %s")
.addStatement("return null")
.endControlFlow();
}


builder.addStatement("$T.Builder identityRequestBuilder = $T.builder()",
ResolveIdentityRequest.class,
ResolveIdentityRequest.class);
Expand All @@ -294,7 +311,7 @@ private MethodSpec generateTrySelectAuthScheme() {
MetricUtils.class)
.endControlFlow();

builder.addStatement("return new $T<>(identity, authScheme.signer(), authOption)", SelectedAuthScheme.class);
builder.addStatement("return new $T<>(identity, signer, authOption)", SelectedAuthScheme.class);
return builder.build();
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
import software.amazon.awssdk.core.metrics.CoreMetric;
import software.amazon.awssdk.http.auth.spi.scheme.AuthScheme;
import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption;
import software.amazon.awssdk.http.auth.spi.signer.HttpSigner;
import software.amazon.awssdk.identity.spi.AwsCredentialsIdentity;
import software.amazon.awssdk.identity.spi.Identity;
import software.amazon.awssdk.identity.spi.IdentityProvider;
Expand Down Expand Up @@ -100,6 +101,14 @@ private <T extends Identity> SelectedAuthScheme<T> trySelectAuthScheme(AuthSchem
.add(() -> String.format("'%s' does not have an identity provider configured.", authOption.schemeId()));
return null;
}
HttpSigner<T> signer;
try {
signer = authScheme.signer();
} catch (RuntimeException e) {
Comment thread
dagnir marked this conversation as resolved.
discardedReasons.add(() -> String.format("'%s' signer could not be retrieved: %s", authOption.schemeId(),
e.getMessage()));
return null;
}
ResolveIdentityRequest.Builder identityRequestBuilder = ResolveIdentityRequest.builder();
authOption.forEachIdentityProperty(identityRequestBuilder::putProperty);
CompletableFuture<? extends T> identity;
Expand All @@ -110,7 +119,7 @@ private <T extends Identity> SelectedAuthScheme<T> trySelectAuthScheme(AuthSchem
identity = MetricUtils.reportDuration(() -> identityProvider.resolveIdentity(identityRequestBuilder.build()),
metricCollector, metric);
}
return new SelectedAuthScheme<>(identity, authScheme.signer(), authOption);
return new SelectedAuthScheme<>(identity, signer, authOption);
}

private SdkMetric<Duration> getIdentityMetric(IdentityProvider<?> identityProvider) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
import software.amazon.awssdk.endpoints.EndpointProvider;
import software.amazon.awssdk.http.auth.spi.scheme.AuthScheme;
import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption;
import software.amazon.awssdk.http.auth.spi.signer.HttpSigner;
import software.amazon.awssdk.identity.spi.AwsCredentialsIdentity;
import software.amazon.awssdk.identity.spi.Identity;
import software.amazon.awssdk.identity.spi.IdentityProvider;
Expand Down Expand Up @@ -117,6 +118,14 @@ private <T extends Identity> SelectedAuthScheme<T> trySelectAuthScheme(AuthSchem
.add(() -> String.format("'%s' does not have an identity provider configured.", authOption.schemeId()));
return null;
}
HttpSigner<T> signer;
try {
signer = authScheme.signer();
} catch (RuntimeException e) {
discardedReasons.add(() -> String.format("'%s' signer could not be retrieved: %s", authOption.schemeId(),
e.getMessage()));
return null;
}
ResolveIdentityRequest.Builder identityRequestBuilder = ResolveIdentityRequest.builder();
authOption.forEachIdentityProperty(identityRequestBuilder::putProperty);
CompletableFuture<? extends T> identity;
Expand All @@ -127,7 +136,7 @@ private <T extends Identity> SelectedAuthScheme<T> trySelectAuthScheme(AuthSchem
identity = MetricUtils.reportDuration(() -> identityProvider.resolveIdentity(identityRequestBuilder.build()),
metricCollector, metric);
}
return new SelectedAuthScheme<>(identity, authScheme.signer(), authOption);
return new SelectedAuthScheme<>(identity, signer, authOption);
}

private SdkMetric<Duration> getIdentityMetric(IdentityProvider<?> identityProvider) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
import software.amazon.awssdk.endpoints.EndpointProvider;
import software.amazon.awssdk.http.auth.spi.scheme.AuthScheme;
import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption;
import software.amazon.awssdk.http.auth.spi.signer.HttpSigner;
import software.amazon.awssdk.identity.spi.AwsCredentialsIdentity;
import software.amazon.awssdk.identity.spi.Identity;
import software.amazon.awssdk.identity.spi.IdentityProvider;
Expand Down Expand Up @@ -120,6 +121,14 @@ private <T extends Identity> SelectedAuthScheme<T> trySelectAuthScheme(AuthSchem
.add(() -> String.format("'%s' does not have an identity provider configured.", authOption.schemeId()));
return null;
}
HttpSigner<T> signer;
try {
signer = authScheme.signer();
} catch (RuntimeException e) {
discardedReasons.add(() -> String.format("'%s' signer could not be retrieved: %s", authOption.schemeId(),
e.getMessage()));
return null;
}
ResolveIdentityRequest.Builder identityRequestBuilder = ResolveIdentityRequest.builder();
authOption.forEachIdentityProperty(identityRequestBuilder::putProperty);
CompletableFuture<? extends T> identity;
Expand All @@ -130,7 +139,7 @@ private <T extends Identity> SelectedAuthScheme<T> trySelectAuthScheme(AuthSchem
identity = MetricUtils.reportDuration(() -> identityProvider.resolveIdentity(identityRequestBuilder.build()),
metricCollector, metric);
}
return new SelectedAuthScheme<>(identity, authScheme.signer(), authOption);
return new SelectedAuthScheme<>(identity, signer, authOption);
}

private SdkMetric<Duration> getIdentityMetric(IdentityProvider<?> identityProvider) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -52,10 +52,27 @@ public IdentityProvider<AwsCredentialsIdentity> identityProvider(IdentityProvide
*/
@Override
public AwsV4aHttpSigner signer() {
if (SignerSingletonHolder.ERROR != null) {
throw SignerSingletonHolder.ERROR;
}
return SignerSingletonHolder.INSTANCE;
}

private static class SignerSingletonHolder {
private static final AwsV4aHttpSigner INSTANCE = AwsV4aHttpSigner.create();
private static final AwsV4aHttpSigner INSTANCE;
private static final RuntimeException ERROR;

// Attempt to load the Sigv4a signer and cache the error if CRT is not available on the classpath.
static {
AwsV4aHttpSigner instance = null;
RuntimeException error = null;
try {
instance = AwsV4aHttpSigner.create();
} catch (RuntimeException e) {
error = e;
}
INSTANCE = instance;
ERROR = error;
}
}
}
1 change: 1 addition & 0 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,7 @@
<module>test/ruleset-testing-core</module>
<module>test/old-client-version-compatibility-test</module>
<module>test/bundle-logging-bridge-binding-test</module>
<module>test/crt-unavailable-tests</module>
</modules>
<scm>
<url>${scm.github.url}</url>
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/

package software.amazon.awssdk.services;

import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;

import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import software.amazon.awssdk.auth.credentials.AnonymousCredentialsProvider;
import software.amazon.awssdk.core.SelectedAuthScheme;
import software.amazon.awssdk.core.interceptor.Context;
import software.amazon.awssdk.core.interceptor.ExecutionAttributes;
import software.amazon.awssdk.core.interceptor.SdkExecutionAttribute;
import software.amazon.awssdk.core.interceptor.SdkInternalExecutionAttribute;
import software.amazon.awssdk.http.auth.aws.scheme.AwsV4AuthScheme;
import software.amazon.awssdk.http.auth.spi.scheme.AuthScheme;
import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption;
import software.amazon.awssdk.http.auth.spi.signer.HttpSigner;
import software.amazon.awssdk.identity.spi.AwsCredentialsIdentity;
import software.amazon.awssdk.identity.spi.IdentityProvider;
import software.amazon.awssdk.identity.spi.IdentityProviders;
import software.amazon.awssdk.services.protocolrestjson.auth.scheme.ProtocolRestJsonAuthSchemeParams;
import software.amazon.awssdk.services.protocolrestjson.auth.scheme.ProtocolRestJsonAuthSchemeProvider;
import software.amazon.awssdk.services.protocolrestjson.auth.scheme.internal.ProtocolRestJsonAuthSchemeInterceptor;

public class AuthSchemeInterceptorTest {
private static final ProtocolRestJsonAuthSchemeInterceptor INTERCEPTOR = new ProtocolRestJsonAuthSchemeInterceptor();

private Context.BeforeExecution mockContext;

@BeforeEach
public void setup() {
mockContext = mock(Context.BeforeExecution.class);
}

@Test
public void resolveAuthScheme_authSchemeSignerThrows_continuesToNextAuthScheme() {
ProtocolRestJsonAuthSchemeProvider mockAuthSchemeProvider = mock(ProtocolRestJsonAuthSchemeProvider.class);
List<AuthSchemeOption> authSchemeOptions = Arrays.asList(
AuthSchemeOption.builder().schemeId(TestAuthScheme.SCHEME_ID).build(),
AuthSchemeOption.builder().schemeId(AwsV4AuthScheme.SCHEME_ID).build()
);
when(mockAuthSchemeProvider.resolveAuthScheme(any(ProtocolRestJsonAuthSchemeParams.class))).thenReturn(authSchemeOptions);

IdentityProviders mockIdentityProviders = mock(IdentityProviders.class);
when(mockIdentityProviders.identityProvider(any(Class.class))).thenReturn(AnonymousCredentialsProvider.create());

Map<String, AuthScheme<?>> authSchemes = new HashMap<>();
authSchemes.put(AwsV4AuthScheme.SCHEME_ID, AwsV4AuthScheme.create());

TestAuthScheme notProvidedAuthScheme = spy(new TestAuthScheme());
authSchemes.put(TestAuthScheme.SCHEME_ID, notProvidedAuthScheme);

ExecutionAttributes attributes = new ExecutionAttributes();
attributes.putAttribute(SdkExecutionAttribute.OPERATION_NAME, "GetFoo");
attributes.putAttribute(SdkInternalExecutionAttribute.AUTH_SCHEME_RESOLVER, mockAuthSchemeProvider);
attributes.putAttribute(SdkInternalExecutionAttribute.IDENTITY_PROVIDERS, mockIdentityProviders);
attributes.putAttribute(SdkInternalExecutionAttribute.AUTH_SCHEMES, authSchemes);

INTERCEPTOR.beforeExecution(mockContext, attributes);

SelectedAuthScheme<?> selectedAuthScheme = attributes.getAttribute(SdkInternalExecutionAttribute.SELECTED_AUTH_SCHEME);

verify(notProvidedAuthScheme).signer();
assertThat(selectedAuthScheme.authSchemeOption().schemeId()).isEqualTo(AwsV4AuthScheme.SCHEME_ID);
}

private static class TestAuthScheme implements AuthScheme<AwsCredentialsIdentity> {
public static final String SCHEME_ID = "codegen-test-scheme";

@Override
public String schemeId() {
return SCHEME_ID;
}

@Override
public IdentityProvider<AwsCredentialsIdentity> identityProvider(IdentityProviders providers) {
return providers.identityProvider(AwsCredentialsIdentity.class);
}

@Override
public HttpSigner<AwsCredentialsIdentity> signer() {
throw new RuntimeException("Not on classpath");
}
}
}
Loading