Use Identity instead of Credentials in signing code
#2913
Conversation
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
There was a problem hiding this comment.
overall I think this is the right change. Personally, though, I'd keep Credentials on all the private locations and validate very early on that it is indeed credentials inside. We can also have a .credentials method on the signing params builder that accepts credentials—no reason we can't have both credentials and identity.
aws/rust-runtime/aws-sigv4/src/http_request/canonical_request.rs
Outdated
Show resolved
Hide resolved
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
Velfi
force-pushed
the
zhessler-refactor-sigv4-identity
branch
from
9eb3bd8 to
f0573aa
Compare
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
| @@ -52,6 +65,7 @@ enum CanonicalRequestErrorKind { | |||
| InvalidHeaderValue { source: InvalidHeaderValue }, | |||
| InvalidUtf8InHeaderValue { source: Utf8Error }, | |||
| InvalidUri { source: InvalidUri }, | |||
| UnsupportedCredentialType, | |||
There was a problem hiding this comment.
Should be called UnsupportedIdentityType
| @@ -29,14 +30,11 @@ pub mod event_stream; | |||
| pub mod http_request; | |||
|
|
|||
| /// Parameters to use when signing. | |||
| // #[derive(Debug)] is safe because `Identity` handles redaction. | |||
There was a problem hiding this comment.
Identity doesn't handle redaction, but the data inside of it is supposed to.
|
A new generated diff is ready to view.
A new doc preview is ready to view. |
This PR replaces the access_key, secret_key, and session token fields of signing params with the Orchestrator's
Identitytype.Checklist
CHANGELOG.next.tomlif I made changes to the smithy-rs codegen or runtime cratesCHANGELOG.next.tomlif I made changes to the AWS SDK, generated SDK code, or SDK runtime cratesBy submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.