From fc6d3e63d723eef8dff84911834c3dc4dd3a3d2f Mon Sep 17 00:00:00 2001 From: Ran Vaknin Date: Fri, 2 May 2025 13:06:20 -0700 Subject: [PATCH 01/13] Adding functionality to config preferred authschemeProvider --- .../tasks/AuthSchemeGeneratorTasks.java | 6 ++ .../auth/scheme/AuthSchemeProviderSpec.java | 76 +++++++++++++ .../poet/auth/scheme/AuthSchemeSpecUtils.java | 9 ++ .../PreferredAuthSchemeProviderSpec.java | 101 ++++++++++++++++++ 4 files changed, 192 insertions(+) create mode 100644 codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/PreferredAuthSchemeProviderSpec.java diff --git a/codegen/src/main/java/software/amazon/awssdk/codegen/emitters/tasks/AuthSchemeGeneratorTasks.java b/codegen/src/main/java/software/amazon/awssdk/codegen/emitters/tasks/AuthSchemeGeneratorTasks.java index fbcec7931bd8..38c170898f27 100644 --- a/codegen/src/main/java/software/amazon/awssdk/codegen/emitters/tasks/AuthSchemeGeneratorTasks.java +++ b/codegen/src/main/java/software/amazon/awssdk/codegen/emitters/tasks/AuthSchemeGeneratorTasks.java @@ -28,6 +28,7 @@ import software.amazon.awssdk.codegen.poet.auth.scheme.EndpointAwareAuthSchemeParamsSpec; import software.amazon.awssdk.codegen.poet.auth.scheme.EndpointBasedAuthSchemeProviderSpec; import software.amazon.awssdk.codegen.poet.auth.scheme.ModelBasedAuthSchemeProviderSpec; +import software.amazon.awssdk.codegen.poet.auth.scheme.PreferredAuthSchemeProviderSpec; public final class AuthSchemeGeneratorTasks extends BaseGeneratorTasks { private final GeneratorTaskParams generatorTaskParams; @@ -45,6 +46,7 @@ protected List createTasks() { tasks.add(generateProviderInterface()); tasks.add(generateDefaultParamsImpl()); tasks.add(generateModelBasedProvider()); + tasks.add(generatePreferenceProvider()); tasks.add(generateAuthSchemeInterceptor()); if (authSchemeSpecUtils.useEndpointBasedAuthProvider()) { tasks.add(generateEndpointBasedProvider()); @@ -69,6 +71,10 @@ private GeneratorTask generateModelBasedProvider() { return new PoetGeneratorTask(authSchemeInternalDir(), model.getFileHeader(), new ModelBasedAuthSchemeProviderSpec(model)); } + private GeneratorTask generatePreferenceProvider() { + return new PoetGeneratorTask(authSchemeInternalDir(), model.getFileHeader(), new PreferredAuthSchemeProviderSpec(model)); + } + private GeneratorTask generateEndpointBasedProvider() { return new PoetGeneratorTask(authSchemeInternalDir(), model.getFileHeader(), new EndpointBasedAuthSchemeProviderSpec(model)); diff --git a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeProviderSpec.java b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeProviderSpec.java index bc5255695ad1..84ad362ea975 100644 --- a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeProviderSpec.java +++ b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeProviderSpec.java @@ -17,12 +17,16 @@ import com.squareup.javapoet.ClassName; import com.squareup.javapoet.CodeBlock; +import com.squareup.javapoet.FieldSpec; import com.squareup.javapoet.MethodSpec; import com.squareup.javapoet.ParameterizedTypeName; import com.squareup.javapoet.TypeName; import com.squareup.javapoet.TypeSpec; +import java.util.ArrayList; +import java.util.List; import java.util.function.Consumer; import javax.lang.model.element.Modifier; +import software.amazon.awssdk.annotations.SdkInternalApi; import software.amazon.awssdk.annotations.SdkPublicApi; import software.amazon.awssdk.codegen.model.intermediate.IntermediateModel; import software.amazon.awssdk.codegen.poet.ClassSpec; @@ -54,6 +58,9 @@ public TypeSpec poetSpec() { .addMethod(resolveAuthSchemeMethod()) .addMethod(resolveAuthSchemeConsumerBuilderMethod()) .addMethod(defaultProviderMethod()) + .addMethod(staticBuilderMethodSpec()) + .addType(builderInterfaceSpec()) + .addType(builderClassSpec()) .build(); } @@ -104,4 +111,73 @@ private CodeBlock interfaceJavadoc() { return b.build(); } + + private MethodSpec staticBuilderMethodSpec() { + return MethodSpec.methodBuilder("builder") + .addJavadoc("Create a builder for the auth scheme provider.") + .addModifiers(Modifier.PUBLIC, Modifier.STATIC) + .returns(className().nestedClass("Builder")) + .addStatement("return new $T()", ClassName.get(className().packageName(), + className().simpleName(), + className().simpleName() + "Builder") + ) + .build(); + } + + + private TypeSpec builderInterfaceSpec() { + return TypeSpec.interfaceBuilder("Builder") + .addModifiers(Modifier.PUBLIC, Modifier.STATIC) + .addMethod(MethodSpec.methodBuilder("build") + .addModifiers(Modifier.PUBLIC, Modifier.ABSTRACT) + .addJavadoc("Returns a {@link $T} object that is created from the " + + "properties that have been set on the builder.", + className()) + .returns(className()) + .build()) + + .addMethod(MethodSpec.methodBuilder("withPreferredAuthSchemes") + .addModifiers(Modifier.PUBLIC, Modifier.ABSTRACT) + .addJavadoc("Set the preferred auth schemes in order of preference.") + .returns(className().nestedClass("Builder")) + .addParameter( + ParameterizedTypeName.get(List.class, String.class), + "authSchemePreference" + ) + .build()) + .build(); + } + + private TypeSpec builderClassSpec() { + return TypeSpec.classBuilder(authSchemeSpecUtils.authSchemeProviderBuilderName()) + .addAnnotation(SdkInternalApi.class) + .addModifiers(Modifier.PUBLIC, Modifier.FINAL, Modifier.STATIC) + .addSuperinterface(className().nestedClass("Builder")) + .addField( + FieldSpec + .builder(ParameterizedTypeName.get(List.class, String.class), "authSchemePreference") + .addModifiers(Modifier.PRIVATE) + .build()) + .addMethod( + MethodSpec + .methodBuilder("withPreferredAuthSchemes").addAnnotation(Override.class) + .addModifiers(Modifier.PUBLIC) + .addParameter( + ParameterizedTypeName.get(List.class, String.class), + "authSchemePreference" + ) + .returns(className().nestedClass("Builder")) + .addStatement("this.authSchemePreference = new $T<>(authSchemePreference)", ArrayList.class).addStatement("return this") + .build()) + .addMethod( + MethodSpec + .methodBuilder("build").addAnnotation(Override.class) + .addModifiers(Modifier.PUBLIC) + .returns(className()) + .addStatement("return new $T(defaultProvider(), authSchemePreference)", + authSchemeSpecUtils.preferredAuthSchemeProviderName()) + .build()) + .build(); + } } + diff --git a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeSpecUtils.java b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeSpecUtils.java index a02f3e8bc893..f6ea9e684b59 100644 --- a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeSpecUtils.java +++ b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeSpecUtils.java @@ -97,6 +97,15 @@ public ClassName modeledAuthSchemeProviderName() { return ClassName.get(internalPackage(), "Modeled" + providerInterfaceName().simpleName()); } + public ClassName preferredAuthSchemeProviderName() { + return ClassName.get(internalPackage(), "Preferred" + providerInterfaceName().simpleName()); + } + + public ClassName authSchemeProviderBuilderName() { + return ClassName.get(basePackage(), + intermediateModel.getMetadata().getServiceName() + "AuthSchemeProviderBuilder"); + } + public ClassName authSchemeInterceptor() { return ClassName.get(internalPackage(), intermediateModel.getMetadata().getServiceName() + "AuthSchemeInterceptor"); } diff --git a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/PreferredAuthSchemeProviderSpec.java b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/PreferredAuthSchemeProviderSpec.java new file mode 100644 index 000000000000..2b43bc1691ef --- /dev/null +++ b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/PreferredAuthSchemeProviderSpec.java @@ -0,0 +1,101 @@ +/* + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package software.amazon.awssdk.codegen.poet.auth.scheme; + +import com.squareup.javapoet.ClassName; +import com.squareup.javapoet.MethodSpec; +import com.squareup.javapoet.ParameterizedTypeName; +import com.squareup.javapoet.TypeSpec; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import javax.lang.model.element.Modifier; +import software.amazon.awssdk.annotations.SdkInternalApi; +import software.amazon.awssdk.codegen.model.intermediate.IntermediateModel; +import software.amazon.awssdk.codegen.poet.ClassSpec; +import software.amazon.awssdk.codegen.poet.PoetUtils; +import software.amazon.awssdk.utils.CollectionUtils; + +public class PreferredAuthSchemeProviderSpec implements ClassSpec { + private final AuthSchemeSpecUtils authSchemeSpecUtils; + + public PreferredAuthSchemeProviderSpec(IntermediateModel intermediateModel) { + this.authSchemeSpecUtils = new AuthSchemeSpecUtils(intermediateModel); + } + + @Override + public ClassName className() { + return authSchemeSpecUtils.preferredAuthSchemeProviderName(); + } + + @Override + public TypeSpec poetSpec() { + return PoetUtils.createClassBuilder(className()) + .addModifiers(Modifier.PUBLIC, Modifier.FINAL) + .addAnnotation(SdkInternalApi.class) + .addField( + authSchemeSpecUtils.providerInterfaceName(), "delegate", + Modifier.PRIVATE, Modifier.FINAL) + .addField( + ParameterizedTypeName.get(List.class, String.class), "authSchemePreference", + Modifier.PRIVATE, Modifier.FINAL) + .addSuperinterface(authSchemeSpecUtils.providerInterfaceName()) + .addMethod(constructor()) + .addMethod(resolveAuthSchemeMethod()) + .build(); + } + + private MethodSpec constructor() { + return MethodSpec + .constructorBuilder() + .addModifiers(Modifier.PUBLIC) + .addParameter(authSchemeSpecUtils.providerInterfaceName(), "delegate") + .addParameter(ParameterizedTypeName.get(List.class, String.class), "authSchemePreference") + .addStatement("this.delegate = delegate") + .addStatement("this.authSchemePreference = authSchemePreference != null ? authSchemePreference : $T.emptyList()", + Collections.class) + .build(); + } + + private MethodSpec resolveAuthSchemeMethod() { + MethodSpec.Builder b = MethodSpec.methodBuilder("resolveAuthScheme") + .addModifiers(Modifier.PUBLIC) + .addAnnotation(Override.class) + .returns(authSchemeSpecUtils.resolverReturnType()) + .addParameter(authSchemeSpecUtils.parametersInterfaceName(), "params"); + b.addJavadoc("Resolve the auth schemes based on the given set of parameters."); + b.addStatement("$T candidateAuthSchemes = delegate.resolveAuthScheme(params)", + authSchemeSpecUtils.resolverReturnType()); + b.beginControlFlow("if ($T.isNullOrEmpty(authSchemePreference))", CollectionUtils.class) + .addStatement("return candidateAuthSchemes") + .endControlFlow(); + + b.addStatement("$T authSchemes = new $T<>()", authSchemeSpecUtils.resolverReturnType(), ArrayList.class); + b.beginControlFlow("authSchemePreference.forEach( preferredSchemeId -> ") + .addStatement("candidateAuthSchemes.stream().filter(a -> a.schemeId().equals(preferredSchemeId)).findFirst()" + + ".ifPresent(a -> authSchemes.add(a))") + .endControlFlow(")"); + + b.beginControlFlow("candidateAuthSchemes.forEach(candidate -> ") + .beginControlFlow("if (!authSchemes.contains(candidate))") + .addStatement("authSchemes.add(candidate)") + .endControlFlow() + .endControlFlow(")"); + + b.addStatement("return authSchemes"); + return b.build(); + } +} \ No newline at end of file From f18fcc2188e09c493292e545a9b495d3274e5c09 Mon Sep 17 00:00:00 2001 From: Ran Vaknin Date: Sun, 4 May 2025 19:22:35 -0700 Subject: [PATCH 02/13] adding test coverage --- .../scheme/query-auth-scheme-provider.java | 54 ++++++--- ...oint-auth-params-auth-scheme-provider.java | 54 ++++++--- .../PreferredAuthSchemeProviderTest.java | 106 ++++++++++++++++++ 3 files changed, 184 insertions(+), 30 deletions(-) create mode 100644 test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/PreferredAuthSchemeProviderTest.java diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/auth/scheme/query-auth-scheme-provider.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/auth/scheme/query-auth-scheme-provider.java index a4f84dc2665a..ba478a5c69d6 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/auth/scheme/query-auth-scheme-provider.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/auth/scheme/query-auth-scheme-provider.java @@ -1,27 +1,15 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - package software.amazon.awssdk.services.query.auth.scheme; +import java.util.ArrayList; import java.util.List; import java.util.function.Consumer; import software.amazon.awssdk.annotations.Generated; +import software.amazon.awssdk.annotations.SdkInternalApi; import software.amazon.awssdk.annotations.SdkPublicApi; import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption; import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeProvider; import software.amazon.awssdk.services.query.auth.scheme.internal.DefaultQueryAuthSchemeProvider; +import software.amazon.awssdk.services.query.auth.scheme.internal.PreferredQueryAuthSchemeProvider; /** * An auth scheme provider for Query service. The auth scheme provider takes a set of parameters using @@ -50,4 +38,40 @@ default List resolveAuthScheme(Consumer authSchemePreference); + } + + @SdkInternalApi + final class QueryAuthSchemeProviderBuilder implements Builder { + private List authSchemePreference; + + @Override + public Builder withPreferredAuthSchemes(List authSchemePreference) { + this.authSchemePreference = new ArrayList<>(authSchemePreference); + return this; + } + + @Override + public QueryAuthSchemeProvider build() { + return new PreferredQueryAuthSchemeProvider(defaultProvider(), authSchemePreference); + } + } } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/auth/scheme/query-endpoint-auth-params-auth-scheme-provider.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/auth/scheme/query-endpoint-auth-params-auth-scheme-provider.java index a4f84dc2665a..ba478a5c69d6 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/auth/scheme/query-endpoint-auth-params-auth-scheme-provider.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/auth/scheme/query-endpoint-auth-params-auth-scheme-provider.java @@ -1,27 +1,15 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - package software.amazon.awssdk.services.query.auth.scheme; +import java.util.ArrayList; import java.util.List; import java.util.function.Consumer; import software.amazon.awssdk.annotations.Generated; +import software.amazon.awssdk.annotations.SdkInternalApi; import software.amazon.awssdk.annotations.SdkPublicApi; import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption; import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeProvider; import software.amazon.awssdk.services.query.auth.scheme.internal.DefaultQueryAuthSchemeProvider; +import software.amazon.awssdk.services.query.auth.scheme.internal.PreferredQueryAuthSchemeProvider; /** * An auth scheme provider for Query service. The auth scheme provider takes a set of parameters using @@ -50,4 +38,40 @@ default List resolveAuthScheme(Consumer authSchemePreference); + } + + @SdkInternalApi + final class QueryAuthSchemeProviderBuilder implements Builder { + private List authSchemePreference; + + @Override + public Builder withPreferredAuthSchemes(List authSchemePreference) { + this.authSchemePreference = new ArrayList<>(authSchemePreference); + return this; + } + + @Override + public QueryAuthSchemeProvider build() { + return new PreferredQueryAuthSchemeProvider(defaultProvider(), authSchemePreference); + } + } } diff --git a/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/PreferredAuthSchemeProviderTest.java b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/PreferredAuthSchemeProviderTest.java new file mode 100644 index 000000000000..75154d2d9d73 --- /dev/null +++ b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/PreferredAuthSchemeProviderTest.java @@ -0,0 +1,106 @@ +/* + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package software.amazon.awssdk.services; + +import java.util.Arrays; +import java.util.Collections; +import java.util.List; +import java.util.stream.Stream; +import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; +import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption; +import software.amazon.awssdk.regions.Region; +import software.amazon.awssdk.services.multiauth.auth.scheme.MultiauthAuthSchemeParams; +import software.amazon.awssdk.services.multiauth.auth.scheme.MultiauthAuthSchemeProvider; + +public class PreferredAuthSchemeProviderTest { + + private static final String OPERATION_SIGV4A_ONLY = "multiAuthWithOnlySigv4a"; + private static final String OPERATION_SIGV4A_AND_SIGV4 = "multiAuthWithOnlySigv4aAndSigv4"; + + private static final String SIGV4 = "aws.auth#sigv4"; + private static final String SIGV4A = "aws.auth#sigv4a"; + private static final String BEARER = "aws.auth#bearer"; + private static final String ANONYMOUS = "aws.auth#noauth"; + + @ParameterizedTest(name = "{3}") + @MethodSource("authSchemeTestCases") + void testAuthSchemePreference(List preferredAuthSchemes, String operation, String expectedFirstScheme, String testName) { + MultiauthAuthSchemeProvider provider = MultiauthAuthSchemeProvider + .builder() + .withPreferredAuthSchemes(preferredAuthSchemes) + .build(); + + MultiauthAuthSchemeParams params = MultiauthAuthSchemeParams + .builder() + .region(Region.US_WEST_2) + .operation(operation) + .build(); + + List authSchemes = provider.resolveAuthScheme(params); + + Assertions.assertFalse(authSchemes.isEmpty()); + Assertions.assertEquals(expectedFirstScheme, authSchemes.get(0).schemeId()); + } + + static Stream authSchemeTestCases() { + return Stream.of( + Arguments.of( + Arrays.asList(BEARER, ANONYMOUS), + OPERATION_SIGV4A_AND_SIGV4, + SIGV4A, + "Unsupported auth schemes only" + ), + + Arguments.of( + Arrays.asList(BEARER, SIGV4, ANONYMOUS), + OPERATION_SIGV4A_AND_SIGV4, + SIGV4, + "Mix of supported and unsupported schemes" + ), + + Arguments.of( + Arrays.asList(SIGV4, SIGV4A), + OPERATION_SIGV4A_AND_SIGV4, + SIGV4, + "All supported schemes in reverse order" + ), + + Arguments.of( + Arrays.asList(SIGV4, SIGV4A), + OPERATION_SIGV4A_ONLY, + SIGV4A, + "Operation with only one supported scheme" + ), + + Arguments.of( + Collections.emptyList(), + OPERATION_SIGV4A_AND_SIGV4, + SIGV4A, + "Empty preference list" + ), + + Arguments.of( + Arrays.asList(SIGV4A, SIGV4, BEARER), + OPERATION_SIGV4A_AND_SIGV4, + SIGV4A, + "First preference is supported" + ) + ); + } +} From 72b138642e95406d401e616384d878a22e09eb7a Mon Sep 17 00:00:00 2001 From: Ran Vaknin Date: Sun, 4 May 2025 19:57:32 -0700 Subject: [PATCH 03/13] fix formatting checkstyle --- .../codegen/poet/auth/scheme/AuthSchemeProviderSpec.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeProviderSpec.java b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeProviderSpec.java index 84ad362ea975..944223765a69 100644 --- a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeProviderSpec.java +++ b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeProviderSpec.java @@ -167,7 +167,8 @@ private TypeSpec builderClassSpec() { "authSchemePreference" ) .returns(className().nestedClass("Builder")) - .addStatement("this.authSchemePreference = new $T<>(authSchemePreference)", ArrayList.class).addStatement("return this") + .addStatement("this.authSchemePreference = new $T<>(authSchemePreference)", ArrayList.class) + .addStatement("return this") .build()) .addMethod( MethodSpec From 39dc9e4f075b2400f24c4258ef4b074b178c584f Mon Sep 17 00:00:00 2001 From: Ran Vaknin Date: Sun, 4 May 2025 20:06:33 -0700 Subject: [PATCH 04/13] Added changelog --- .changes/next-release/feature-AWSSDKforJavav2-8e1c19d.json | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 .changes/next-release/feature-AWSSDKforJavav2-8e1c19d.json diff --git a/.changes/next-release/feature-AWSSDKforJavav2-8e1c19d.json b/.changes/next-release/feature-AWSSDKforJavav2-8e1c19d.json new file mode 100644 index 000000000000..9b79be5ad7e0 --- /dev/null +++ b/.changes/next-release/feature-AWSSDKforJavav2-8e1c19d.json @@ -0,0 +1,6 @@ +{ + "type": "feature", + "category": "AWS SDK for Java v2", + "contributor": "", + "description": "Added ability to configure preferred authentication schemes when multiple auth options are available." +} From f31aa2a553e5a263200887cd1b5398c0d0ed62ba Mon Sep 17 00:00:00 2001 From: Ran Vaknin Date: Mon, 19 May 2025 12:46:47 -0700 Subject: [PATCH 05/13] Adding test coverage --- .../PreferredAuthSchemeProviderSpec.java | 24 +- .../poet/builder/BaseClientBuilderClass.java | 8 + ...test-bearer-auth-client-builder-class.java | 52 +++-- .../sra/test-client-builder-class.java | 116 ++++----- ...-client-builder-endpoints-auth-params.java | 72 +++--- ...lient-builder-internal-defaults-class.java | 44 ++-- ...-composed-sync-default-client-builder.java | 72 +++--- ...ulti-auth-sigv4a-client-builder-class.java | 6 + ...test-no-auth-ops-client-builder-class.java | 48 ++-- ...-no-auth-service-client-builder-class.java | 48 ++-- .../sra/test-query-client-builder-class.java | 70 +++--- .../auth/AuthSchemePreferenceProvider.java | 122 ++++++++++ .../awssdk/profiles/ProfileProperty.java | 2 + .../amazon/awssdk/core/SdkSystemSetting.java | 9 +- .../VersionedRecordExtensionTest.java | 2 +- .../multiauth/service-2.json | 25 +- .../PreferredAuthSchemeProviderTest.java | 61 ++++- .../AuthSchemePreferenceProviderTest.java | 221 ++++++++++++++++++ .../MultiAuthSigningPropertiesTest.java | 2 + 19 files changed, 745 insertions(+), 259 deletions(-) create mode 100644 core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java create mode 100644 test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/AuthSchemePreferenceProviderTest.java diff --git a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/PreferredAuthSchemeProviderSpec.java b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/PreferredAuthSchemeProviderSpec.java index 2b43bc1691ef..a81efc30f705 100644 --- a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/PreferredAuthSchemeProviderSpec.java +++ b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/PreferredAuthSchemeProviderSpec.java @@ -22,6 +22,7 @@ import java.util.ArrayList; import java.util.Collections; import java.util.List; +import java.util.stream.Collectors; import javax.lang.model.element.Modifier; import software.amazon.awssdk.annotations.SdkInternalApi; import software.amazon.awssdk.codegen.model.intermediate.IntermediateModel; @@ -65,7 +66,8 @@ private MethodSpec constructor() { .addParameter(authSchemeSpecUtils.providerInterfaceName(), "delegate") .addParameter(ParameterizedTypeName.get(List.class, String.class), "authSchemePreference") .addStatement("this.delegate = delegate") - .addStatement("this.authSchemePreference = authSchemePreference != null ? authSchemePreference : $T.emptyList()", + .addStatement("this.authSchemePreference = authSchemePreference != null ? authSchemePreference " + + ": $T.emptyList()", Collections.class) .build(); } @@ -80,22 +82,28 @@ private MethodSpec resolveAuthSchemeMethod() { b.addStatement("$T candidateAuthSchemes = delegate.resolveAuthScheme(params)", authSchemeSpecUtils.resolverReturnType()); b.beginControlFlow("if ($T.isNullOrEmpty(authSchemePreference))", CollectionUtils.class) - .addStatement("return candidateAuthSchemes") - .endControlFlow(); + .addStatement("return candidateAuthSchemes") + .endControlFlow(); b.addStatement("$T authSchemes = new $T<>()", authSchemeSpecUtils.resolverReturnType(), ArrayList.class); - b.beginControlFlow("authSchemePreference.forEach( preferredSchemeId -> ") - .addStatement("candidateAuthSchemes.stream().filter(a -> a.schemeId().equals(preferredSchemeId)).findFirst()" - + ".ifPresent(a -> authSchemes.add(a))") - .endControlFlow(")"); + + b.beginControlFlow("authSchemePreference.forEach(preferredSchemeId -> "); + + b.beginControlFlow("candidateAuthSchemes.stream().filter(candidate -> "); + b.addStatement("String candidateSchemeName = candidate.schemeId().contains(\"#\") ? " + + "candidate.schemeId().split(\"#\")[1] : candidate.schemeId()"); + b.addStatement("return candidateSchemeName.equals(preferredSchemeId)"); + b.endControlFlow(").findFirst().ifPresent(authSchemes::add)"); + b.endControlFlow(")"); b.beginControlFlow("candidateAuthSchemes.forEach(candidate -> ") .beginControlFlow("if (!authSchemes.contains(candidate))") .addStatement("authSchemes.add(candidate)") .endControlFlow() - .endControlFlow(")"); + .endControlFlow(")"); b.addStatement("return authSchemes"); return b.build(); } + } \ No newline at end of file diff --git a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java index 1ca3f9b38ba5..7b1e0c200664 100644 --- a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java +++ b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java @@ -46,6 +46,7 @@ import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; +import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.codegen.internal.Utils; import software.amazon.awssdk.codegen.model.intermediate.IntermediateModel; import software.amazon.awssdk.codegen.model.intermediate.OperationModel; @@ -832,6 +833,13 @@ private MethodSpec defaultAuthSchemeProviderMethod() { return MethodSpec.methodBuilder("defaultAuthSchemeProvider") .addModifiers(PRIVATE) .returns(authSchemeSpecUtils.providerInterfaceName()) + .addStatement("$T authSchemePreferenceProvider = " + + "$T.builder().build()", AuthSchemePreferenceProvider.class, AuthSchemePreferenceProvider.class) + .addStatement("List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference()") + .beginControlFlow("if(preferences != null && !preferences.isEmpty())") + .addStatement("return $T.builder().withPreferredAuthSchemes(preferences).build()", + authSchemeSpecUtils.providerInterfaceName()) + .endControlFlow() .addStatement("return $T.defaultProvider()", authSchemeSpecUtils.providerInterfaceName()) .build(); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-bearer-auth-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-bearer-auth-client-builder-class.java index 92a36dc95428..316f764b1013 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-bearer-auth-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-bearer-auth-client-builder-class.java @@ -13,6 +13,7 @@ import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; +import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; @@ -59,13 +60,13 @@ protected final String serviceName() { @Override protected final SdkClientConfiguration mergeServiceDefaults(SdkClientConfiguration config) { return config.merge(c -> c - .option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) - .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) - .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) - .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false) - .lazyOption(AwsClientOption.TOKEN_PROVIDER, + .option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) + .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) + .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) + .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false) + .lazyOption(AwsClientOption.TOKEN_PROVIDER, p -> TokenUtils.toSdkTokenProvider(p.get(AwsClientOption.TOKEN_IDENTITY_PROVIDER))) - .option(AwsClientOption.TOKEN_IDENTITY_PROVIDER, defaultTokenProvider())); + .option(AwsClientOption.TOKEN_IDENTITY_PROVIDER, defaultTokenProvider())); } @Override @@ -76,7 +77,7 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon endpointInterceptors.add(new JsonRequestSetEndpointInterceptor()); ClasspathInterceptorChainFactory interceptorFactory = new ClasspathInterceptorChainFactory(); List interceptors = interceptorFactory - .getInterceptors("software/amazon/awssdk/services/json/execution.interceptors"); + .getInterceptors("software/amazon/awssdk/services/json/execution.interceptors"); List additionalInterceptors = new ArrayList<>(); interceptors = CollectionUtils.mergeLists(endpointInterceptors, interceptors); interceptors = CollectionUtils.mergeLists(interceptors, additionalInterceptors); @@ -92,21 +93,21 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon }); builder.option(SdkClientOption.EXECUTION_INTERCEPTORS, interceptors); builder.lazyOptionIfAbsent( - SdkClientOption.CLIENT_ENDPOINT_PROVIDER, - c -> AwsClientEndpointProvider - .builder() - .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_JSON_SERVICE") - .serviceEndpointOverrideSystemProperty("aws.endpointUrlJson") - .serviceProfileProperty("json_service") - .serviceEndpointPrefix(serviceEndpointPrefix()) - .defaultProtocol("https") - .region(c.get(AwsClientOption.AWS_REGION)) - .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(c.get(SdkClientOption.PROFILE_NAME)) - .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, - c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) - .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) - .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); + SdkClientOption.CLIENT_ENDPOINT_PROVIDER, + c -> AwsClientEndpointProvider + .builder() + .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_JSON_SERVICE") + .serviceEndpointOverrideSystemProperty("aws.endpointUrlJson") + .serviceProfileProperty("json_service") + .serviceEndpointPrefix(serviceEndpointPrefix()) + .defaultProtocol("https") + .region(c.get(AwsClientOption.AWS_REGION)) + .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(c.get(SdkClientOption.PROFILE_NAME)) + .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, + c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) + .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) + .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); return builder.build(); } @@ -125,6 +126,11 @@ public B authSchemeProvider(JsonAuthSchemeProvider authSchemeProvider) { } private JsonAuthSchemeProvider defaultAuthSchemeProvider() { + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder().build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); + if (preferences != null && !preferences.isEmpty()) { + return JsonAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); + } return JsonAuthSchemeProvider.defaultProvider(); } @@ -194,6 +200,6 @@ private List internalPlugins(SdkClientConfiguration config) { protected static void validateClientOptions(SdkClientConfiguration c) { Validate.notNull(c.option(AwsClientOption.TOKEN_IDENTITY_PROVIDER), - "The 'tokenProvider' must be configured in the client builder."); + "The 'tokenProvider' must be configured in the client builder."); } } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-class.java index 4539aed74c0b..8339b1be808e 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-class.java @@ -15,6 +15,7 @@ import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; +import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.codegen.poet.plugins.InternalTestPlugin1; import software.amazon.awssdk.codegen.poet.plugins.InternalTestPlugin2; @@ -70,14 +71,14 @@ protected final String serviceName() { @Override protected final SdkClientConfiguration mergeServiceDefaults(SdkClientConfiguration config) { return config.merge(c -> c - .option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) - .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) - .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) - .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false) - .option(SdkClientOption.SERVICE_CONFIGURATION, ServiceConfiguration.builder().build()) - .lazyOption(AwsClientOption.TOKEN_PROVIDER, + .option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) + .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) + .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) + .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false) + .option(SdkClientOption.SERVICE_CONFIGURATION, ServiceConfiguration.builder().build()) + .lazyOption(AwsClientOption.TOKEN_PROVIDER, p -> TokenUtils.toSdkTokenProvider(p.get(AwsClientOption.TOKEN_IDENTITY_PROVIDER))) - .option(AwsClientOption.TOKEN_IDENTITY_PROVIDER, defaultTokenProvider())); + .option(AwsClientOption.TOKEN_IDENTITY_PROVIDER, defaultTokenProvider())); } @Override @@ -88,82 +89,82 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon endpointInterceptors.add(new JsonRequestSetEndpointInterceptor()); ClasspathInterceptorChainFactory interceptorFactory = new ClasspathInterceptorChainFactory(); List interceptors = interceptorFactory - .getInterceptors("software/amazon/awssdk/services/json/execution.interceptors"); + .getInterceptors("software/amazon/awssdk/services/json/execution.interceptors"); List additionalInterceptors = new ArrayList<>(); interceptors = CollectionUtils.mergeLists(endpointInterceptors, interceptors); interceptors = CollectionUtils.mergeLists(interceptors, additionalInterceptors); interceptors = CollectionUtils.mergeLists(interceptors, config.option(SdkClientOption.EXECUTION_INTERCEPTORS)); ServiceConfiguration.Builder serviceConfigBuilder = ((ServiceConfiguration) config - .option(SdkClientOption.SERVICE_CONFIGURATION)).toBuilder(); + .option(SdkClientOption.SERVICE_CONFIGURATION)).toBuilder(); serviceConfigBuilder.profileFile(serviceConfigBuilder.profileFileSupplier() != null ? serviceConfigBuilder - .profileFileSupplier() : config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)); + .profileFileSupplier() : config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)); serviceConfigBuilder.profileName(serviceConfigBuilder.profileName() != null ? serviceConfigBuilder.profileName() : config - .option(SdkClientOption.PROFILE_NAME)); + .option(SdkClientOption.PROFILE_NAME)); if (serviceConfigBuilder.dualstackEnabled() != null) { Validate.validState( - config.option(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED) == null, - "Dualstack has been configured on both ServiceConfiguration and the client/global level. Please limit dualstack configuration to one location."); + config.option(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED) == null, + "Dualstack has been configured on both ServiceConfiguration and the client/global level. Please limit dualstack configuration to one location."); } else { serviceConfigBuilder.dualstackEnabled(config.option(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)); } if (serviceConfigBuilder.fipsModeEnabled() != null) { Validate.validState( - config.option(AwsClientOption.FIPS_ENDPOINT_ENABLED) == null, - "Fips has been configured on both ServiceConfiguration and the client/global level. Please limit fips configuration to one location."); + config.option(AwsClientOption.FIPS_ENDPOINT_ENABLED) == null, + "Fips has been configured on both ServiceConfiguration and the client/global level. Please limit fips configuration to one location."); } else { serviceConfigBuilder.fipsModeEnabled(config.option(AwsClientOption.FIPS_ENDPOINT_ENABLED)); } if (serviceConfigBuilder.useArnRegionEnabled() != null) { Validate.validState( - clientContextParams.get(JsonClientContextParams.USE_ARN_REGION) == null, - "UseArnRegion has been configured on both ServiceConfiguration and the client/global level. Please limit UseArnRegion configuration to one location."); + clientContextParams.get(JsonClientContextParams.USE_ARN_REGION) == null, + "UseArnRegion has been configured on both ServiceConfiguration and the client/global level. Please limit UseArnRegion configuration to one location."); } else { serviceConfigBuilder.useArnRegionEnabled(clientContextParams.get(JsonClientContextParams.USE_ARN_REGION)); } if (serviceConfigBuilder.multiRegionEnabled() != null) { Validate.validState( - clientContextParams.get(JsonClientContextParams.DISABLE_MULTI_REGION_ACCESS_POINTS) == null, - "DisableMultiRegionAccessPoints has been configured on both ServiceConfiguration and the client/global level. Please limit DisableMultiRegionAccessPoints configuration to one location."); + clientContextParams.get(JsonClientContextParams.DISABLE_MULTI_REGION_ACCESS_POINTS) == null, + "DisableMultiRegionAccessPoints has been configured on both ServiceConfiguration and the client/global level. Please limit DisableMultiRegionAccessPoints configuration to one location."); } else if (clientContextParams.get(JsonClientContextParams.DISABLE_MULTI_REGION_ACCESS_POINTS) != null) { serviceConfigBuilder.multiRegionEnabled(!clientContextParams - .get(JsonClientContextParams.DISABLE_MULTI_REGION_ACCESS_POINTS)); + .get(JsonClientContextParams.DISABLE_MULTI_REGION_ACCESS_POINTS)); } if (serviceConfigBuilder.pathStyleAccessEnabled() != null) { Validate.validState( - clientContextParams.get(JsonClientContextParams.FORCE_PATH_STYLE) == null, - "ForcePathStyle has been configured on both ServiceConfiguration and the client/global level. Please limit ForcePathStyle configuration to one location."); + clientContextParams.get(JsonClientContextParams.FORCE_PATH_STYLE) == null, + "ForcePathStyle has been configured on both ServiceConfiguration and the client/global level. Please limit ForcePathStyle configuration to one location."); } else { serviceConfigBuilder.pathStyleAccessEnabled(clientContextParams.get(JsonClientContextParams.FORCE_PATH_STYLE)); } if (serviceConfigBuilder.accelerateModeEnabled() != null) { Validate.validState( - clientContextParams.get(JsonClientContextParams.ACCELERATE) == null, - "Accelerate has been configured on both ServiceConfiguration and the client/global level. Please limit Accelerate configuration to one location."); + clientContextParams.get(JsonClientContextParams.ACCELERATE) == null, + "Accelerate has been configured on both ServiceConfiguration and the client/global level. Please limit Accelerate configuration to one location."); } else { serviceConfigBuilder.accelerateModeEnabled(clientContextParams.get(JsonClientContextParams.ACCELERATE)); } Boolean checksumValidationEnabled = serviceConfigBuilder.checksumValidationEnabled(); if (checksumValidationEnabled != null) { Validate.validState( - config.option(SdkClientOption.REQUEST_CHECKSUM_CALCULATION) == null, - "Checksum behavior has been configured on both ServiceConfiguration and the client/global level. Please limit checksum behavior configuration to one location."); + config.option(SdkClientOption.REQUEST_CHECKSUM_CALCULATION) == null, + "Checksum behavior has been configured on both ServiceConfiguration and the client/global level. Please limit checksum behavior configuration to one location."); Validate.validState( - config.option(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION) == null, - "Checksum behavior has been configured on both ServiceConfiguration and the client/global level. Please limit checksum behavior configuration to one location."); + config.option(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION) == null, + "Checksum behavior has been configured on both ServiceConfiguration and the client/global level. Please limit checksum behavior configuration to one location."); if (checksumValidationEnabled) { config = config.toBuilder() - .option(SdkClientOption.REQUEST_CHECKSUM_CALCULATION, RequestChecksumCalculation.WHEN_SUPPORTED) - .option(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION, ResponseChecksumValidation.WHEN_SUPPORTED).build(); + .option(SdkClientOption.REQUEST_CHECKSUM_CALCULATION, RequestChecksumCalculation.WHEN_SUPPORTED) + .option(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION, ResponseChecksumValidation.WHEN_SUPPORTED).build(); } else { config = config.toBuilder() - .option(SdkClientOption.REQUEST_CHECKSUM_CALCULATION, RequestChecksumCalculation.WHEN_REQUIRED) - .option(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION, ResponseChecksumValidation.WHEN_REQUIRED).build(); + .option(SdkClientOption.REQUEST_CHECKSUM_CALCULATION, RequestChecksumCalculation.WHEN_REQUIRED) + .option(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION, ResponseChecksumValidation.WHEN_REQUIRED).build(); } } ServiceConfiguration finalServiceConfig = serviceConfigBuilder.build(); clientContextParams.put(JsonClientContextParams.USE_ARN_REGION, finalServiceConfig.useArnRegionEnabled()); clientContextParams.put(JsonClientContextParams.DISABLE_MULTI_REGION_ACCESS_POINTS, - !finalServiceConfig.multiRegionEnabled()); + !finalServiceConfig.multiRegionEnabled()); clientContextParams.put(JsonClientContextParams.FORCE_PATH_STYLE, finalServiceConfig.pathStyleAccessEnabled()); clientContextParams.put(JsonClientContextParams.ACCELERATE, finalServiceConfig.accelerateModeEnabled()); SdkClientConfiguration.Builder builder = config.toBuilder(); @@ -188,21 +189,21 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon } builder.option(SdkClientOption.SERVICE_CONFIGURATION, finalServiceConfig); builder.lazyOptionIfAbsent( - SdkClientOption.CLIENT_ENDPOINT_PROVIDER, - c -> AwsClientEndpointProvider - .builder() - .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_JSON_SERVICE") - .serviceEndpointOverrideSystemProperty("aws.endpointUrlJson") - .serviceProfileProperty("json_service") - .serviceEndpointPrefix(serviceEndpointPrefix()) - .defaultProtocol("https") - .region(c.get(AwsClientOption.AWS_REGION)) - .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(c.get(SdkClientOption.PROFILE_NAME)) - .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, - c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) - .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) - .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); + SdkClientOption.CLIENT_ENDPOINT_PROVIDER, + c -> AwsClientEndpointProvider + .builder() + .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_JSON_SERVICE") + .serviceEndpointOverrideSystemProperty("aws.endpointUrlJson") + .serviceProfileProperty("json_service") + .serviceEndpointPrefix(serviceEndpointPrefix()) + .defaultProtocol("https") + .region(c.get(AwsClientOption.AWS_REGION)) + .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(c.get(SdkClientOption.PROFILE_NAME)) + .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, + c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) + .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) + .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); SdkClientConfiguration clientConfig = config; builder.lazyOption(SdkClientOption.REQUEST_CHECKSUM_CALCULATION, c -> resolveRequestChecksumCalculation(clientConfig)); builder.lazyOption(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION, c -> resolveResponseChecksumValidation(clientConfig)); @@ -224,6 +225,11 @@ public B authSchemeProvider(JsonAuthSchemeProvider authSchemeProvider) { } private JsonAuthSchemeProvider defaultAuthSchemeProvider() { + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder().build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); + if (preferences != null && !preferences.isEmpty()) { + return JsonAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); + } return JsonAuthSchemeProvider.defaultProvider(); } @@ -325,9 +331,9 @@ private RequestChecksumCalculation resolveRequestChecksumCalculation(SdkClientCo RequestChecksumCalculation configuredChecksumCalculation = config.option(SdkClientOption.REQUEST_CHECKSUM_CALCULATION); if (configuredChecksumCalculation == null) { configuredChecksumCalculation = RequestChecksumCalculationResolver.create() - .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(config.option(SdkClientOption.PROFILE_NAME)) - .defaultChecksumCalculation(RequestChecksumCalculation.WHEN_SUPPORTED).resolve(); + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)) + .defaultChecksumCalculation(RequestChecksumCalculation.WHEN_SUPPORTED).resolve(); } return configuredChecksumCalculation; } @@ -336,15 +342,15 @@ private ResponseChecksumValidation resolveResponseChecksumValidation(SdkClientCo ResponseChecksumValidation configuredChecksumValidation = config.option(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION); if (configuredChecksumValidation == null) { configuredChecksumValidation = ResponseChecksumValidationResolver.create() - .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(config.option(SdkClientOption.PROFILE_NAME)) - .defaultChecksumValidation(ResponseChecksumValidation.WHEN_SUPPORTED).resolve(); + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)) + .defaultChecksumValidation(ResponseChecksumValidation.WHEN_SUPPORTED).resolve(); } return configuredChecksumValidation; } protected static void validateClientOptions(SdkClientConfiguration c) { Validate.notNull(c.option(AwsClientOption.TOKEN_IDENTITY_PROVIDER), - "The 'tokenProvider' must be configured in the client builder."); + "The 'tokenProvider' must be configured in the client builder."); } } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-endpoints-auth-params.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-endpoints-auth-params.java index 80511b9556ce..367eb3f56dbd 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-endpoints-auth-params.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-endpoints-auth-params.java @@ -15,6 +15,7 @@ import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; import software.amazon.awssdk.awscore.endpoints.AccountIdEndpointMode; import software.amazon.awssdk.awscore.endpoints.AccountIdEndpointModeResolver; +import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.checksums.RequestChecksumCalculation; @@ -69,13 +70,13 @@ protected final String serviceName() { @Override protected final SdkClientConfiguration mergeServiceDefaults(SdkClientConfiguration config) { return config.merge(c -> c - .option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) - .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) - .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) - .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false) - .lazyOption(AwsClientOption.TOKEN_PROVIDER, + .option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) + .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) + .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) + .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false) + .lazyOption(AwsClientOption.TOKEN_PROVIDER, p -> TokenUtils.toSdkTokenProvider(p.get(AwsClientOption.TOKEN_IDENTITY_PROVIDER))) - .option(AwsClientOption.TOKEN_IDENTITY_PROVIDER, defaultTokenProvider())); + .option(AwsClientOption.TOKEN_IDENTITY_PROVIDER, defaultTokenProvider())); } @Override @@ -86,7 +87,7 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon endpointInterceptors.add(new QueryRequestSetEndpointInterceptor()); ClasspathInterceptorChainFactory interceptorFactory = new ClasspathInterceptorChainFactory(); List interceptors = interceptorFactory - .getInterceptors("software/amazon/awssdk/services/query/execution.interceptors"); + .getInterceptors("software/amazon/awssdk/services/query/execution.interceptors"); List additionalInterceptors = new ArrayList<>(); interceptors = CollectionUtils.mergeLists(endpointInterceptors, interceptors); interceptors = CollectionUtils.mergeLists(interceptors, additionalInterceptors); @@ -108,21 +109,21 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon builder.option(SdkClientOption.CLIENT_CONTEXT_PARAMS, clientContextParams.build()); builder.option(AwsClientOption.ACCOUNT_ID_ENDPOINT_MODE, resolveAccountIdEndpointMode(config)); builder.lazyOptionIfAbsent( - SdkClientOption.CLIENT_ENDPOINT_PROVIDER, - c -> AwsClientEndpointProvider - .builder() - .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_QUERY_SERVICE") - .serviceEndpointOverrideSystemProperty("aws.endpointUrlQuery") - .serviceProfileProperty("query_service") - .serviceEndpointPrefix(serviceEndpointPrefix()) - .defaultProtocol("https") - .region(c.get(AwsClientOption.AWS_REGION)) - .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(c.get(SdkClientOption.PROFILE_NAME)) - .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, - c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) - .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) - .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); + SdkClientOption.CLIENT_ENDPOINT_PROVIDER, + c -> AwsClientEndpointProvider + .builder() + .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_QUERY_SERVICE") + .serviceEndpointOverrideSystemProperty("aws.endpointUrlQuery") + .serviceProfileProperty("query_service") + .serviceEndpointPrefix(serviceEndpointPrefix()) + .defaultProtocol("https") + .region(c.get(AwsClientOption.AWS_REGION)) + .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(c.get(SdkClientOption.PROFILE_NAME)) + .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, + c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) + .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) + .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); SdkClientConfiguration clientConfig = config; builder.lazyOption(SdkClientOption.REQUEST_CHECKSUM_CALCULATION, c -> resolveRequestChecksumCalculation(clientConfig)); builder.lazyOption(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION, c -> resolveResponseChecksumValidation(clientConfig)); @@ -144,6 +145,11 @@ public B authSchemeProvider(QueryAuthSchemeProvider authSchemeProvider) { } private QueryAuthSchemeProvider defaultAuthSchemeProvider() { + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder().build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); + if (preferences != null && !preferences.isEmpty()) { + return QueryAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); + } return QueryAuthSchemeProvider.defaultProvider(); } @@ -244,9 +250,9 @@ private AccountIdEndpointMode resolveAccountIdEndpointMode(SdkClientConfiguratio AccountIdEndpointMode configuredMode = config.option(AwsClientOption.ACCOUNT_ID_ENDPOINT_MODE); if (configuredMode == null) { configuredMode = AccountIdEndpointModeResolver.create() - .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(config.option(SdkClientOption.PROFILE_NAME)).defaultMode(AccountIdEndpointMode.PREFERRED) - .resolve(); + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)).defaultMode(AccountIdEndpointMode.PREFERRED) + .resolve(); } return configuredMode; } @@ -255,9 +261,9 @@ private RequestChecksumCalculation resolveRequestChecksumCalculation(SdkClientCo RequestChecksumCalculation configuredChecksumCalculation = config.option(SdkClientOption.REQUEST_CHECKSUM_CALCULATION); if (configuredChecksumCalculation == null) { configuredChecksumCalculation = RequestChecksumCalculationResolver.create() - .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(config.option(SdkClientOption.PROFILE_NAME)) - .defaultChecksumCalculation(RequestChecksumCalculation.WHEN_SUPPORTED).resolve(); + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)) + .defaultChecksumCalculation(RequestChecksumCalculation.WHEN_SUPPORTED).resolve(); } return configuredChecksumCalculation; } @@ -266,21 +272,21 @@ private ResponseChecksumValidation resolveResponseChecksumValidation(SdkClientCo ResponseChecksumValidation configuredChecksumValidation = config.option(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION); if (configuredChecksumValidation == null) { configuredChecksumValidation = ResponseChecksumValidationResolver.create() - .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(config.option(SdkClientOption.PROFILE_NAME)) - .defaultChecksumValidation(ResponseChecksumValidation.WHEN_SUPPORTED).resolve(); + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)) + .defaultChecksumValidation(ResponseChecksumValidation.WHEN_SUPPORTED).resolve(); } return configuredChecksumValidation; } protected static void validateClientOptions(SdkClientConfiguration c) { Validate.notNull(c.option(AwsClientOption.TOKEN_IDENTITY_PROVIDER), - "The 'tokenProvider' must be configured in the client builder."); + "The 'tokenProvider' must be configured in the client builder."); } public B sigv4aSigningRegionSet(RegionSet sigv4aSigningRegionSet) { clientConfiguration.option(AwsClientOption.AWS_SIGV4A_SIGNING_REGION_SET, - sigv4aSigningRegionSet == null ? Collections.emptySet() : sigv4aSigningRegionSet.asSet()); + sigv4aSigningRegionSet == null ? Collections.emptySet() : sigv4aSigningRegionSet.asSet()); return thisBuilder(); } } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-internal-defaults-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-internal-defaults-class.java index 21854bd71571..2fdda8def833 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-internal-defaults-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-internal-defaults-class.java @@ -11,6 +11,7 @@ import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; +import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; @@ -55,9 +56,9 @@ protected final String serviceName() { @Override protected final SdkClientConfiguration mergeServiceDefaults(SdkClientConfiguration config) { return config.merge(c -> c.option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) - .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) - .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) - .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false)); + .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) + .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) + .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false)); } @Override @@ -76,7 +77,7 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon endpointInterceptors.add(new JsonRequestSetEndpointInterceptor()); ClasspathInterceptorChainFactory interceptorFactory = new ClasspathInterceptorChainFactory(); List interceptors = interceptorFactory - .getInterceptors("software/amazon/awssdk/services/json/execution.interceptors"); + .getInterceptors("software/amazon/awssdk/services/json/execution.interceptors"); List additionalInterceptors = new ArrayList<>(); interceptors = CollectionUtils.mergeLists(endpointInterceptors, interceptors); interceptors = CollectionUtils.mergeLists(interceptors, additionalInterceptors); @@ -92,21 +93,21 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon }); builder.option(SdkClientOption.EXECUTION_INTERCEPTORS, interceptors); builder.lazyOptionIfAbsent( - SdkClientOption.CLIENT_ENDPOINT_PROVIDER, - c -> AwsClientEndpointProvider - .builder() - .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_JSON_SERVICE") - .serviceEndpointOverrideSystemProperty("aws.endpointUrlJson") - .serviceProfileProperty("json_service") - .serviceEndpointPrefix(serviceEndpointPrefix()) - .defaultProtocol("https") - .region(c.get(AwsClientOption.AWS_REGION)) - .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(c.get(SdkClientOption.PROFILE_NAME)) - .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, - c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) - .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) - .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); + SdkClientOption.CLIENT_ENDPOINT_PROVIDER, + c -> AwsClientEndpointProvider + .builder() + .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_JSON_SERVICE") + .serviceEndpointOverrideSystemProperty("aws.endpointUrlJson") + .serviceProfileProperty("json_service") + .serviceEndpointPrefix(serviceEndpointPrefix()) + .defaultProtocol("https") + .region(c.get(AwsClientOption.AWS_REGION)) + .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(c.get(SdkClientOption.PROFILE_NAME)) + .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, + c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) + .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) + .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); return builder.build(); } @@ -125,6 +126,11 @@ public B authSchemeProvider(JsonAuthSchemeProvider authSchemeProvider) { } private JsonAuthSchemeProvider defaultAuthSchemeProvider() { + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder().build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); + if (preferences != null && !preferences.isEmpty()) { + return JsonAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); + } return JsonAuthSchemeProvider.defaultProvider(); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-composed-sync-default-client-builder.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-composed-sync-default-client-builder.java index c441fcd575e4..766f5b942bcb 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-composed-sync-default-client-builder.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-composed-sync-default-client-builder.java @@ -13,6 +13,7 @@ import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; +import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.checksums.RequestChecksumCalculation; @@ -65,14 +66,14 @@ protected final String serviceName() { @Override protected final SdkClientConfiguration mergeServiceDefaults(SdkClientConfiguration config) { return config.merge(c -> c - .option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) - .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) - .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) - .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false) - .option(SdkClientOption.SERVICE_CONFIGURATION, ServiceConfiguration.builder().build()) - .lazyOption(AwsClientOption.TOKEN_PROVIDER, + .option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) + .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) + .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) + .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false) + .option(SdkClientOption.SERVICE_CONFIGURATION, ServiceConfiguration.builder().build()) + .lazyOption(AwsClientOption.TOKEN_PROVIDER, p -> TokenUtils.toSdkTokenProvider(p.get(AwsClientOption.TOKEN_IDENTITY_PROVIDER))) - .option(AwsClientOption.TOKEN_IDENTITY_PROVIDER, defaultTokenProvider())); + .option(AwsClientOption.TOKEN_IDENTITY_PROVIDER, defaultTokenProvider())); } @Override @@ -83,17 +84,17 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon endpointInterceptors.add(new JsonRequestSetEndpointInterceptor()); ClasspathInterceptorChainFactory interceptorFactory = new ClasspathInterceptorChainFactory(); List interceptors = interceptorFactory - .getInterceptors("software/amazon/awssdk/services/json/execution.interceptors"); + .getInterceptors("software/amazon/awssdk/services/json/execution.interceptors"); List additionalInterceptors = new ArrayList<>(); interceptors = CollectionUtils.mergeLists(endpointInterceptors, interceptors); interceptors = CollectionUtils.mergeLists(interceptors, additionalInterceptors); interceptors = CollectionUtils.mergeLists(interceptors, config.option(SdkClientOption.EXECUTION_INTERCEPTORS)); ServiceConfiguration.Builder serviceConfigBuilder = ((ServiceConfiguration) config - .option(SdkClientOption.SERVICE_CONFIGURATION)).toBuilder(); + .option(SdkClientOption.SERVICE_CONFIGURATION)).toBuilder(); serviceConfigBuilder.profileFile(serviceConfigBuilder.profileFileSupplier() != null ? serviceConfigBuilder - .profileFileSupplier() : config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)); + .profileFileSupplier() : config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)); serviceConfigBuilder.profileName(serviceConfigBuilder.profileName() != null ? serviceConfigBuilder.profileName() : config - .option(SdkClientOption.PROFILE_NAME)); + .option(SdkClientOption.PROFILE_NAME)); ServiceConfiguration finalServiceConfig = serviceConfigBuilder.build(); SdkClientConfiguration.Builder builder = config.toBuilder(); builder.lazyOption(SdkClientOption.IDENTITY_PROVIDERS, c -> { @@ -111,21 +112,21 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon builder.option(SdkClientOption.EXECUTION_INTERCEPTORS, interceptors); builder.option(SdkClientOption.SERVICE_CONFIGURATION, finalServiceConfig); builder.lazyOptionIfAbsent( - SdkClientOption.CLIENT_ENDPOINT_PROVIDER, - c -> AwsClientEndpointProvider - .builder() - .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_JSON_SERVICE") - .serviceEndpointOverrideSystemProperty("aws.endpointUrlJson") - .serviceProfileProperty("json_service") - .serviceEndpointPrefix(serviceEndpointPrefix()) - .defaultProtocol("https") - .region(c.get(AwsClientOption.AWS_REGION)) - .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(c.get(SdkClientOption.PROFILE_NAME)) - .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, - c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) - .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) - .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); + SdkClientOption.CLIENT_ENDPOINT_PROVIDER, + c -> AwsClientEndpointProvider + .builder() + .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_JSON_SERVICE") + .serviceEndpointOverrideSystemProperty("aws.endpointUrlJson") + .serviceProfileProperty("json_service") + .serviceEndpointPrefix(serviceEndpointPrefix()) + .defaultProtocol("https") + .region(c.get(AwsClientOption.AWS_REGION)) + .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(c.get(SdkClientOption.PROFILE_NAME)) + .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, + c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) + .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) + .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); SdkClientConfiguration clientConfig = config; builder.lazyOption(SdkClientOption.REQUEST_CHECKSUM_CALCULATION, c -> resolveRequestChecksumCalculation(clientConfig)); builder.lazyOption(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION, c -> resolveResponseChecksumValidation(clientConfig)); @@ -147,6 +148,11 @@ public B authSchemeProvider(JsonAuthSchemeProvider authSchemeProvider) { } private JsonAuthSchemeProvider defaultAuthSchemeProvider() { + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder().build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); + if (preferences != null && !preferences.isEmpty()) { + return JsonAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); + } return JsonAuthSchemeProvider.defaultProvider(); } @@ -244,9 +250,9 @@ private RequestChecksumCalculation resolveRequestChecksumCalculation(SdkClientCo RequestChecksumCalculation configuredChecksumCalculation = config.option(SdkClientOption.REQUEST_CHECKSUM_CALCULATION); if (configuredChecksumCalculation == null) { configuredChecksumCalculation = RequestChecksumCalculationResolver.create() - .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(config.option(SdkClientOption.PROFILE_NAME)) - .defaultChecksumCalculation(RequestChecksumCalculation.WHEN_SUPPORTED).resolve(); + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)) + .defaultChecksumCalculation(RequestChecksumCalculation.WHEN_SUPPORTED).resolve(); } return configuredChecksumCalculation; } @@ -255,15 +261,15 @@ private ResponseChecksumValidation resolveResponseChecksumValidation(SdkClientCo ResponseChecksumValidation configuredChecksumValidation = config.option(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION); if (configuredChecksumValidation == null) { configuredChecksumValidation = ResponseChecksumValidationResolver.create() - .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(config.option(SdkClientOption.PROFILE_NAME)) - .defaultChecksumValidation(ResponseChecksumValidation.WHEN_SUPPORTED).resolve(); + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)) + .defaultChecksumValidation(ResponseChecksumValidation.WHEN_SUPPORTED).resolve(); } return configuredChecksumValidation; } protected static void validateClientOptions(SdkClientConfiguration c) { Validate.notNull(c.option(AwsClientOption.TOKEN_IDENTITY_PROVIDER), - "The 'tokenProvider' must be configured in the client builder."); + "The 'tokenProvider' must be configured in the client builder."); } } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-multi-auth-sigv4a-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-multi-auth-sigv4a-client-builder-class.java index 51c803fcad77..98efb07e4281 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-multi-auth-sigv4a-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-multi-auth-sigv4a-client-builder-class.java @@ -11,6 +11,7 @@ import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; +import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; @@ -120,6 +121,11 @@ public B authSchemeProvider(DatabaseAuthSchemeProvider authSchemeProvider) { } private DatabaseAuthSchemeProvider defaultAuthSchemeProvider() { + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder().build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); + if (preferences != null && !preferences.isEmpty()) { + return DatabaseAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); + } return DatabaseAuthSchemeProvider.defaultProvider(); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-ops-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-ops-client-builder-class.java index 5552d96a771f..b62f7273ebc9 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-ops-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-ops-client-builder-class.java @@ -11,6 +11,7 @@ import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; +import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; @@ -41,7 +42,7 @@ @Generated("software.amazon.awssdk:codegen") @SdkInternalApi abstract class DefaultDatabaseBaseClientBuilder, C> extends - AwsDefaultClientBuilder { + AwsDefaultClientBuilder { private final Map> additionalAuthSchemes = new HashMap<>(); @Override @@ -57,9 +58,9 @@ protected final String serviceName() { @Override protected final SdkClientConfiguration mergeServiceDefaults(SdkClientConfiguration config) { return config.merge(c -> c.option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) - .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) - .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) - .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false)); + .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) + .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) + .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false)); } @Override @@ -70,7 +71,7 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon endpointInterceptors.add(new DatabaseRequestSetEndpointInterceptor()); ClasspathInterceptorChainFactory interceptorFactory = new ClasspathInterceptorChainFactory(); List interceptors = interceptorFactory - .getInterceptors("software/amazon/awssdk/services/database/execution.interceptors"); + .getInterceptors("software/amazon/awssdk/services/database/execution.interceptors"); List additionalInterceptors = new ArrayList<>(); interceptors = CollectionUtils.mergeLists(endpointInterceptors, interceptors); interceptors = CollectionUtils.mergeLists(interceptors, additionalInterceptors); @@ -86,21 +87,21 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon }); builder.option(SdkClientOption.EXECUTION_INTERCEPTORS, interceptors); builder.lazyOptionIfAbsent( - SdkClientOption.CLIENT_ENDPOINT_PROVIDER, - c -> AwsClientEndpointProvider - .builder() - .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_DATABASE_SERVICE") - .serviceEndpointOverrideSystemProperty("aws.endpointUrlDatabase") - .serviceProfileProperty("database_service") - .serviceEndpointPrefix(serviceEndpointPrefix()) - .defaultProtocol("https") - .region(c.get(AwsClientOption.AWS_REGION)) - .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(c.get(SdkClientOption.PROFILE_NAME)) - .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, - c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) - .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) - .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); + SdkClientOption.CLIENT_ENDPOINT_PROVIDER, + c -> AwsClientEndpointProvider + .builder() + .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_DATABASE_SERVICE") + .serviceEndpointOverrideSystemProperty("aws.endpointUrlDatabase") + .serviceProfileProperty("database_service") + .serviceEndpointPrefix(serviceEndpointPrefix()) + .defaultProtocol("https") + .region(c.get(AwsClientOption.AWS_REGION)) + .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(c.get(SdkClientOption.PROFILE_NAME)) + .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, + c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) + .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) + .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); return builder.build(); } @@ -119,6 +120,11 @@ public B authSchemeProvider(DatabaseAuthSchemeProvider authSchemeProvider) { } private DatabaseAuthSchemeProvider defaultAuthSchemeProvider() { + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder().build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); + if (preferences != null && !preferences.isEmpty()) { + return DatabaseAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); + } return DatabaseAuthSchemeProvider.defaultProvider(); } @@ -150,7 +156,7 @@ protected SdkClientConfiguration invokePlugins(SdkClientConfiguration config) { List plugins = CollectionUtils.mergeLists(internalPlugins, externalPlugins); SdkClientConfiguration.Builder configuration = config.toBuilder(); DatabaseServiceClientConfigurationBuilder serviceConfigBuilder = new DatabaseServiceClientConfigurationBuilder( - configuration); + configuration); for (SdkPlugin plugin : plugins) { plugin.configureClient(serviceConfigBuilder); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-service-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-service-client-builder-class.java index 9f49074aa7d7..b92b497a00f8 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-service-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-service-client-builder-class.java @@ -11,6 +11,7 @@ import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; +import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; @@ -38,7 +39,7 @@ @Generated("software.amazon.awssdk:codegen") @SdkInternalApi abstract class DefaultDatabaseBaseClientBuilder, C> extends - AwsDefaultClientBuilder { + AwsDefaultClientBuilder { private final Map> additionalAuthSchemes = new HashMap<>(); @Override @@ -54,9 +55,9 @@ protected final String serviceName() { @Override protected final SdkClientConfiguration mergeServiceDefaults(SdkClientConfiguration config) { return config.merge(c -> c.option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) - .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) - .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) - .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false)); + .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) + .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) + .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false)); } @Override @@ -67,7 +68,7 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon endpointInterceptors.add(new DatabaseRequestSetEndpointInterceptor()); ClasspathInterceptorChainFactory interceptorFactory = new ClasspathInterceptorChainFactory(); List interceptors = interceptorFactory - .getInterceptors("software/amazon/awssdk/services/database/execution.interceptors"); + .getInterceptors("software/amazon/awssdk/services/database/execution.interceptors"); List additionalInterceptors = new ArrayList<>(); interceptors = CollectionUtils.mergeLists(endpointInterceptors, interceptors); interceptors = CollectionUtils.mergeLists(interceptors, additionalInterceptors); @@ -79,21 +80,21 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon }); builder.option(SdkClientOption.EXECUTION_INTERCEPTORS, interceptors); builder.lazyOptionIfAbsent( - SdkClientOption.CLIENT_ENDPOINT_PROVIDER, - c -> AwsClientEndpointProvider - .builder() - .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_DATABASE_SERVICE") - .serviceEndpointOverrideSystemProperty("aws.endpointUrlDatabase") - .serviceProfileProperty("database_service") - .serviceEndpointPrefix(serviceEndpointPrefix()) - .defaultProtocol("https") - .region(c.get(AwsClientOption.AWS_REGION)) - .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(c.get(SdkClientOption.PROFILE_NAME)) - .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, - c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) - .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) - .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); + SdkClientOption.CLIENT_ENDPOINT_PROVIDER, + c -> AwsClientEndpointProvider + .builder() + .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_DATABASE_SERVICE") + .serviceEndpointOverrideSystemProperty("aws.endpointUrlDatabase") + .serviceProfileProperty("database_service") + .serviceEndpointPrefix(serviceEndpointPrefix()) + .defaultProtocol("https") + .region(c.get(AwsClientOption.AWS_REGION)) + .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(c.get(SdkClientOption.PROFILE_NAME)) + .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, + c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) + .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) + .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); return builder.build(); } @@ -112,6 +113,11 @@ public B authSchemeProvider(DatabaseAuthSchemeProvider authSchemeProvider) { } private DatabaseAuthSchemeProvider defaultAuthSchemeProvider() { + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder().build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); + if (preferences != null && !preferences.isEmpty()) { + return DatabaseAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); + } return DatabaseAuthSchemeProvider.defaultProvider(); } @@ -139,7 +145,7 @@ protected SdkClientConfiguration invokePlugins(SdkClientConfiguration config) { List plugins = CollectionUtils.mergeLists(internalPlugins, externalPlugins); SdkClientConfiguration.Builder configuration = config.toBuilder(); DatabaseServiceClientConfigurationBuilder serviceConfigBuilder = new DatabaseServiceClientConfigurationBuilder( - configuration); + configuration); for (SdkPlugin plugin : plugins) { plugin.configureClient(serviceConfigBuilder); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-query-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-query-client-builder-class.java index 724eb838439d..e485412a3e13 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-query-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-query-client-builder-class.java @@ -15,6 +15,7 @@ import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; import software.amazon.awssdk.awscore.endpoints.AccountIdEndpointMode; import software.amazon.awssdk.awscore.endpoints.AccountIdEndpointModeResolver; +import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.checksums.RequestChecksumCalculation; @@ -67,13 +68,13 @@ protected final String serviceName() { @Override protected final SdkClientConfiguration mergeServiceDefaults(SdkClientConfiguration config) { return config.merge(c -> c - .option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) - .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) - .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) - .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false) - .lazyOption(AwsClientOption.TOKEN_PROVIDER, + .option(SdkClientOption.ENDPOINT_PROVIDER, defaultEndpointProvider()) + .option(SdkClientOption.AUTH_SCHEME_PROVIDER, defaultAuthSchemeProvider()) + .option(SdkClientOption.AUTH_SCHEMES, authSchemes()) + .option(SdkClientOption.CRC32_FROM_COMPRESSED_DATA_ENABLED, false) + .lazyOption(AwsClientOption.TOKEN_PROVIDER, p -> TokenUtils.toSdkTokenProvider(p.get(AwsClientOption.TOKEN_IDENTITY_PROVIDER))) - .option(AwsClientOption.TOKEN_IDENTITY_PROVIDER, defaultTokenProvider())); + .option(AwsClientOption.TOKEN_IDENTITY_PROVIDER, defaultTokenProvider())); } @Override @@ -84,7 +85,7 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon endpointInterceptors.add(new QueryRequestSetEndpointInterceptor()); ClasspathInterceptorChainFactory interceptorFactory = new ClasspathInterceptorChainFactory(); List interceptors = interceptorFactory - .getInterceptors("software/amazon/awssdk/services/query/execution.interceptors"); + .getInterceptors("software/amazon/awssdk/services/query/execution.interceptors"); List additionalInterceptors = new ArrayList<>(); interceptors = CollectionUtils.mergeLists(endpointInterceptors, interceptors); interceptors = CollectionUtils.mergeLists(interceptors, additionalInterceptors); @@ -106,21 +107,21 @@ protected final SdkClientConfiguration finalizeServiceConfiguration(SdkClientCon builder.option(SdkClientOption.CLIENT_CONTEXT_PARAMS, clientContextParams.build()); builder.option(AwsClientOption.ACCOUNT_ID_ENDPOINT_MODE, resolveAccountIdEndpointMode(config)); builder.lazyOptionIfAbsent( - SdkClientOption.CLIENT_ENDPOINT_PROVIDER, - c -> AwsClientEndpointProvider - .builder() - .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_QUERY_SERVICE") - .serviceEndpointOverrideSystemProperty("aws.endpointUrlQuery") - .serviceProfileProperty("query_service") - .serviceEndpointPrefix(serviceEndpointPrefix()) - .defaultProtocol("https") - .region(c.get(AwsClientOption.AWS_REGION)) - .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(c.get(SdkClientOption.PROFILE_NAME)) - .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, - c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) - .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) - .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); + SdkClientOption.CLIENT_ENDPOINT_PROVIDER, + c -> AwsClientEndpointProvider + .builder() + .serviceEndpointOverrideEnvironmentVariable("AWS_ENDPOINT_URL_QUERY_SERVICE") + .serviceEndpointOverrideSystemProperty("aws.endpointUrlQuery") + .serviceProfileProperty("query_service") + .serviceEndpointPrefix(serviceEndpointPrefix()) + .defaultProtocol("https") + .region(c.get(AwsClientOption.AWS_REGION)) + .profileFile(c.get(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(c.get(SdkClientOption.PROFILE_NAME)) + .putAdvancedOption(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT, + c.get(ServiceMetadataAdvancedOption.DEFAULT_S3_US_EAST_1_REGIONAL_ENDPOINT)) + .dualstackEnabled(c.get(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)) + .fipsEnabled(c.get(AwsClientOption.FIPS_ENDPOINT_ENABLED)).build()); SdkClientConfiguration clientConfig = config; builder.lazyOption(SdkClientOption.REQUEST_CHECKSUM_CALCULATION, c -> resolveRequestChecksumCalculation(clientConfig)); builder.lazyOption(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION, c -> resolveResponseChecksumValidation(clientConfig)); @@ -142,6 +143,11 @@ public B authSchemeProvider(QueryAuthSchemeProvider authSchemeProvider) { } private QueryAuthSchemeProvider defaultAuthSchemeProvider() { + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder().build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); + if (preferences != null && !preferences.isEmpty()) { + return QueryAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); + } return QueryAuthSchemeProvider.defaultProvider(); } @@ -240,9 +246,9 @@ private AccountIdEndpointMode resolveAccountIdEndpointMode(SdkClientConfiguratio AccountIdEndpointMode configuredMode = config.option(AwsClientOption.ACCOUNT_ID_ENDPOINT_MODE); if (configuredMode == null) { configuredMode = AccountIdEndpointModeResolver.create() - .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(config.option(SdkClientOption.PROFILE_NAME)).defaultMode(AccountIdEndpointMode.PREFERRED) - .resolve(); + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)).defaultMode(AccountIdEndpointMode.PREFERRED) + .resolve(); } return configuredMode; } @@ -251,9 +257,9 @@ private RequestChecksumCalculation resolveRequestChecksumCalculation(SdkClientCo RequestChecksumCalculation configuredChecksumCalculation = config.option(SdkClientOption.REQUEST_CHECKSUM_CALCULATION); if (configuredChecksumCalculation == null) { configuredChecksumCalculation = RequestChecksumCalculationResolver.create() - .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(config.option(SdkClientOption.PROFILE_NAME)) - .defaultChecksumCalculation(RequestChecksumCalculation.WHEN_SUPPORTED).resolve(); + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)) + .defaultChecksumCalculation(RequestChecksumCalculation.WHEN_SUPPORTED).resolve(); } return configuredChecksumCalculation; } @@ -262,15 +268,15 @@ private ResponseChecksumValidation resolveResponseChecksumValidation(SdkClientCo ResponseChecksumValidation configuredChecksumValidation = config.option(SdkClientOption.RESPONSE_CHECKSUM_VALIDATION); if (configuredChecksumValidation == null) { configuredChecksumValidation = ResponseChecksumValidationResolver.create() - .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) - .profileName(config.option(SdkClientOption.PROFILE_NAME)) - .defaultChecksumValidation(ResponseChecksumValidation.WHEN_SUPPORTED).resolve(); + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)) + .defaultChecksumValidation(ResponseChecksumValidation.WHEN_SUPPORTED).resolve(); } return configuredChecksumValidation; } protected static void validateClientOptions(SdkClientConfiguration c) { Validate.notNull(c.option(AwsClientOption.TOKEN_IDENTITY_PROVIDER), - "The 'tokenProvider' must be configured in the client builder."); + "The 'tokenProvider' must be configured in the client builder."); } } diff --git a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java new file mode 100644 index 000000000000..171a9f33ca18 --- /dev/null +++ b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java @@ -0,0 +1,122 @@ +/* + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package software.amazon.awssdk.awscore.internal.auth; + +import java.util.Arrays; +import java.util.Collections; +import java.util.List; +import java.util.Optional; +import java.util.function.Supplier; +import software.amazon.awssdk.annotations.SdkProtectedApi; +import software.amazon.awssdk.core.SdkSystemSetting; +import software.amazon.awssdk.profiles.Profile; +import software.amazon.awssdk.profiles.ProfileFile; +import software.amazon.awssdk.profiles.ProfileFileSystemSetting; +import software.amazon.awssdk.profiles.ProfileProperty; +import software.amazon.awssdk.utils.Validate; + +@SdkProtectedApi +public class AuthSchemePreferenceProvider { + private static final String AUTH_SCHEME_PREFERENCE_SYSTEM_PROPERTY = "aws.authSchemePreference"; + private final Supplier profileFile; + private final String profileName; + + private AuthSchemePreferenceProvider(Builder builder) { + this.profileFile = Validate.paramNotNull(builder.profileFile, "profileFile"); + this.profileName = builder.profileName; + } + + public static Builder builder() { + return new Builder(); + } + + public List resolveAuthSchemePreference() { + List jvmPrefList = fromJvmProperty(); + if (jvmPrefList != null && !jvmPrefList.isEmpty()) { + return jvmPrefList; + } + + List envVarPrefList = fromEnvVariable(); + if (envVarPrefList != null && !envVarPrefList.isEmpty()) { + return envVarPrefList; + } + + List profileFilePrefList = fromProfileFile(); + if (profileFilePrefList != null && !profileFilePrefList.isEmpty()) { + return profileFilePrefList; + } + + return Collections.emptyList(); + } + + private List fromEnvVariable() { + Optional value = SdkSystemSetting.AWS_AUTH_SCHEME_PREFERENCE.getStringValue(); + if (value.isPresent()) { + return parseAuthSchemeList(value.get()); + } + return Collections.emptyList(); + } + + private List fromJvmProperty() { + String value = System.getProperty(AUTH_SCHEME_PREFERENCE_SYSTEM_PROPERTY); + return parseAuthSchemeList(value); + } + + private List fromProfileFile() { + ProfileFile profileFile = this.profileFile.get(); + + Optional profile = profileFile.profile(ProfileFileSystemSetting.AWS_PROFILE.getStringValueOrThrow()); + + String unformattedAuthSchemePreferenceList = + profile + .flatMap(p -> p.property(ProfileProperty.AUTH_SCHEME_PREFERENCE)) + .orElse(null); + + return unformattedAuthSchemePreferenceList != null + ? parseAuthSchemeList(unformattedAuthSchemePreferenceList) + : Collections.emptyList(); + } + + public static final class Builder { + private Supplier profileFile = ProfileFile::defaultProfileFile; + private String profileName; + + public AuthSchemePreferenceProvider.Builder profileFile(Supplier profileFile) { + this.profileFile = profileFile; + return this; + } + + public AuthSchemePreferenceProvider.Builder profileName(String profileName) { + this.profileName = profileName; + return this; + } + + public AuthSchemePreferenceProvider build() { + return new AuthSchemePreferenceProvider(this); + } + } + + private static List parseAuthSchemeList(String unformattedList) { + if (unformattedList == null) { + return Collections.emptyList(); + } + + unformattedList = unformattedList.replaceAll("\\s+",""); + String[] splitByTabs = unformattedList.split("\t"); + String finalFormat = String.join("", splitByTabs); + return Arrays.asList(finalFormat.split(",")); + } +} diff --git a/core/profiles/src/main/java/software/amazon/awssdk/profiles/ProfileProperty.java b/core/profiles/src/main/java/software/amazon/awssdk/profiles/ProfileProperty.java index 434e27b3b6f2..cd97c6047a55 100644 --- a/core/profiles/src/main/java/software/amazon/awssdk/profiles/ProfileProperty.java +++ b/core/profiles/src/main/java/software/amazon/awssdk/profiles/ProfileProperty.java @@ -151,6 +151,8 @@ public final class ProfileProperty { public static final String USE_DUALSTACK_ENDPOINT = "use_dualstack_endpoint"; + public static final String AUTH_SCHEME_PREFERENCE = "auth_scheme_preference"; + public static final String USE_FIPS_ENDPOINT = "use_fips_endpoint"; public static final String EC2_METADATA_SERVICE_ENDPOINT_MODE = "ec2_metadata_service_endpoint_mode"; diff --git a/core/sdk-core/src/main/java/software/amazon/awssdk/core/SdkSystemSetting.java b/core/sdk-core/src/main/java/software/amazon/awssdk/core/SdkSystemSetting.java index f55eb73cbc7f..2b37adc5091c 100644 --- a/core/sdk-core/src/main/java/software/amazon/awssdk/core/SdkSystemSetting.java +++ b/core/sdk-core/src/main/java/software/amazon/awssdk/core/SdkSystemSetting.java @@ -256,7 +256,14 @@ public enum SdkSystemSetting implements SystemSetting { * Configure the SIGV4A signing region set. * This is a non-empty, comma-delimited list of AWS region names used during signing. */ - AWS_SIGV4A_SIGNING_REGION_SET("aws.sigv4a.signing.region.set", null) + AWS_SIGV4A_SIGNING_REGION_SET("aws.sigv4a.signing.region.set", null), + + + /** + * Configure the preferred auth scheme to use. + * This is a comma-delimited list of AWS auth scheme names used during signing. + */ + AWS_AUTH_SCHEME_PREFERENCE("AWS_AUTH_SCHEME_PREFERENCE", null) ; private final String systemProperty; diff --git a/services-custom/dynamodb-enhanced/src/test/java/software/amazon/awssdk/enhanced/dynamodb/extensions/VersionedRecordExtensionTest.java b/services-custom/dynamodb-enhanced/src/test/java/software/amazon/awssdk/enhanced/dynamodb/extensions/VersionedRecordExtensionTest.java index 4f61db7487e9..b7cbb4eb428a 100644 --- a/services-custom/dynamodb-enhanced/src/test/java/software/amazon/awssdk/enhanced/dynamodb/extensions/VersionedRecordExtensionTest.java +++ b/services-custom/dynamodb-enhanced/src/test/java/software/amazon/awssdk/enhanced/dynamodb/extensions/VersionedRecordExtensionTest.java @@ -166,7 +166,7 @@ public void beforeWrite_returnsNoOpModification_ifVersionAttributeNotDefined() { } @Test(expected = IllegalArgumentException.class) - public void beforeWrite_throwsIllegalArgumentException_ifVersionAttributeIsWrongType() { + public void beforeWrite_throwsIllegalArgumentException_ifVersioPnAttributeIsWrongType() { FakeItem fakeItem = createUniqueFakeItem(); Map fakeItemWIthBadVersion = new HashMap<>(FakeItem.getTableSchema().itemToMap(fakeItem, true)); diff --git a/test/codegen-generated-classes-test/src/main/resources/codegen-resources/multiauth/service-2.json b/test/codegen-generated-classes-test/src/main/resources/codegen-resources/multiauth/service-2.json index b5047e2734fc..6fd1f03e1fd1 100644 --- a/test/codegen-generated-classes-test/src/main/resources/codegen-resources/multiauth/service-2.json +++ b/test/codegen-generated-classes-test/src/main/resources/codegen-resources/multiauth/service-2.json @@ -13,7 +13,7 @@ "timestampFormat":"unixTimestamp", "uid":"restjson-2016-03-11" }, - "operations":{ + "operations": { "multiAuthWithOnlySigv4a":{ "name":"multiAuthWithOnlySigv4a", "http":{ @@ -26,6 +26,18 @@ "ApiType":{"value":"NoEndpointSigningProperties"} } }, + "multiAuthWithOnlySigv4":{ + "name":"multiAuthWithOnlySigv4", + "http":{ + "method":"POST", + "requestUri":"/2016-03-11/multiAuthWithOnlySigv4" + }, + "input":{"shape":"SampleRequest"}, + "auth": ["aws.auth#sigv4"], + "staticContextParams":{ + "ApiType":{"value":"NoEndpointSigningProperties"} + } + }, "multiAuthWithOnlySigv4aAndSigv4":{ "name":"multiAuthWithOnlySigv4aAndSigv4", "http":{ @@ -72,6 +84,17 @@ "value": "onlySigv4a" } } + }, + "multiAuthWithoutAuthScheme":{ + "name":"multiAuthWithoutAuthScheme", + "http":{ + "method":"POST", + "requestUri":"/2016-03-11/multiAuthWithoutAuthScheme" + }, + "input":{"shape":"SampleRequest"}, + "staticContextParams":{ + "ApiType":{"value":"NoEndpointSigningProperties"} + } } }, "shapes": { diff --git a/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/PreferredAuthSchemeProviderTest.java b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/PreferredAuthSchemeProviderTest.java index 75154d2d9d73..06f0ac8776d3 100644 --- a/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/PreferredAuthSchemeProviderTest.java +++ b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/PreferredAuthSchemeProviderTest.java @@ -30,13 +30,17 @@ public class PreferredAuthSchemeProviderTest { + private static final String OPERATION_SIGV4_ONLY = "multiAuthWithOnlySigv4a"; private static final String OPERATION_SIGV4A_ONLY = "multiAuthWithOnlySigv4a"; private static final String OPERATION_SIGV4A_AND_SIGV4 = "multiAuthWithOnlySigv4aAndSigv4"; + private static final String OPERATION_NOAUTH = "multiAuthNoAuth"; - private static final String SIGV4 = "aws.auth#sigv4"; - private static final String SIGV4A = "aws.auth#sigv4a"; - private static final String BEARER = "aws.auth#bearer"; - private static final String ANONYMOUS = "aws.auth#noauth"; + private static final String SIGV4 = "sigv4"; + private static final String PREFIXED_SIGV4 = "aws.auth#sigv4"; + private static final String PREFIXED_SIGV4A = "aws.auth#sigv4a"; + private static final String SIGV4A = "sigv4a"; + private static final String BEARER = "bearer"; + private static final String ANONYMOUS = "noauth"; @ParameterizedTest(name = "{3}") @MethodSource("authSchemeTestCases") @@ -63,42 +67,77 @@ static Stream authSchemeTestCases() { Arguments.of( Arrays.asList(BEARER, ANONYMOUS), OPERATION_SIGV4A_AND_SIGV4, - SIGV4A, + PREFIXED_SIGV4A, "Unsupported auth schemes only" ), + Arguments.of( + Arrays.asList(SIGV4, SIGV4A), + OPERATION_NOAUTH, + PREFIXED_SIGV4, + "Operation with no auth scheme should default to Sigv4" + ), + + Arguments.of( + Arrays.asList(SIGV4A), + OPERATION_NOAUTH, + PREFIXED_SIGV4A, + "" + ), + + Arguments.of( + Arrays.asList(SIGV4A, SIGV4), + OPERATION_NOAUTH, + PREFIXED_SIGV4A, + "" + ), + + Arguments.of( + Arrays.asList(SIGV4A, SIGV4), + OPERATION_NOAUTH, + PREFIXED_SIGV4A, + "" + ), + Arguments.of( Arrays.asList(BEARER, SIGV4, ANONYMOUS), OPERATION_SIGV4A_AND_SIGV4, - SIGV4, + PREFIXED_SIGV4, "Mix of supported and unsupported schemes" ), Arguments.of( Arrays.asList(SIGV4, SIGV4A), OPERATION_SIGV4A_AND_SIGV4, - SIGV4, + PREFIXED_SIGV4, "All supported schemes in reverse order" ), + Arguments.of( + Arrays.asList(SIGV4A), + OPERATION_SIGV4_ONLY, + PREFIXED_SIGV4, + "Operation with only sigv4 supported scheme" + ), + Arguments.of( Arrays.asList(SIGV4, SIGV4A), OPERATION_SIGV4A_ONLY, - SIGV4A, - "Operation with only one supported scheme" + PREFIXED_SIGV4A, + "Operation with only sigv4a supported scheme" ), Arguments.of( Collections.emptyList(), OPERATION_SIGV4A_AND_SIGV4, - SIGV4A, + PREFIXED_SIGV4A, "Empty preference list" ), Arguments.of( Arrays.asList(SIGV4A, SIGV4, BEARER), OPERATION_SIGV4A_AND_SIGV4, - SIGV4A, + PREFIXED_SIGV4A, "First preference is supported" ) ); diff --git a/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/AuthSchemePreferenceProviderTest.java b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/AuthSchemePreferenceProviderTest.java new file mode 100644 index 000000000000..46c74df83a7b --- /dev/null +++ b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/AuthSchemePreferenceProviderTest.java @@ -0,0 +1,221 @@ +/* + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package software.amazon.awssdk.services.multiauth; + +import static org.assertj.core.api.Assertions.assertThat; + +import java.util.Arrays; +import java.util.Collections; +import java.util.List; +import java.util.concurrent.atomic.AtomicReference; +import java.util.stream.Stream; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; +import software.amazon.awssdk.auth.credentials.AnonymousCredentialsProvider; +import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; +import software.amazon.awssdk.core.SdkSystemSetting; +import software.amazon.awssdk.core.SelectedAuthScheme; +import software.amazon.awssdk.core.interceptor.Context; +import software.amazon.awssdk.core.interceptor.ExecutionAttributes; +import software.amazon.awssdk.core.interceptor.ExecutionInterceptor; +import software.amazon.awssdk.core.interceptor.SdkInternalExecutionAttribute; +import software.amazon.awssdk.profiles.ProfileFile; +import software.amazon.awssdk.profiles.ProfileProperty; +import software.amazon.awssdk.regions.Region; +import software.amazon.awssdk.services.multiauth.auth.scheme.MultiauthAuthSchemeProvider; +import software.amazon.awssdk.services.multiauth.model.MultiAuthWithOnlySigv4AAndSigv4Request; +import software.amazon.awssdk.testutils.EnvironmentVariableHelper; +import software.amazon.awssdk.utils.StringInputStream; + +public class AuthSchemePreferenceProviderTest { + private final EnvironmentVariableHelper helper = new EnvironmentVariableHelper(); + + @AfterEach + void tearDown() { + System.clearProperty(SdkSystemSetting.AWS_AUTH_SCHEME_PREFERENCE.property()); + helper.reset(); + } + + @ParameterizedTest + @MethodSource("schemeParsingCases") + void parsesAuthSchemeCorrectly(String authSchemePreference, List actual) { + System.setProperty(SdkSystemSetting.AWS_AUTH_SCHEME_PREFERENCE.property(), authSchemePreference); + AuthSchemePreferenceProvider provider = AuthSchemePreferenceProvider.builder().build(); + List pref = provider.resolveAuthSchemePreference(); + assertThat(pref).isEqualTo(actual); + } + + static Stream schemeParsingCases() { + return Stream.of( + Arguments.of("scheme1, scheme2 , \tscheme3 \t", Arrays.asList("scheme1", "scheme2", "scheme3")), + Arguments.of("scheme1, scheme2 \t scheme3 scheme4", Arrays.asList("scheme1", "scheme2scheme3scheme4")), + Arguments.of("sigv4, sig v 4 a, bearer", Arrays.asList("sigv4", "sigv4a", "bearer")), + Arguments.of("", Collections.singletonList("")) + + ); + } + + @ParameterizedTest + @MethodSource("testCases") + void resolvesAuthSchemePreference(TestCase testCase) { + try { + MultiauthClientBuilder builder = + MultiauthClient.builder() + .region(Region.US_WEST_2) + .credentialsProvider(AnonymousCredentialsProvider.create()); + + if (testCase.clientSetting != null) { + builder.authSchemeProvider(MultiauthAuthSchemeProvider.builder().withPreferredAuthSchemes(testCase.clientSetting).build()); + } + + if (testCase.systemPropSetting != null) { + System.setProperty(SdkSystemSetting.AWS_AUTH_SCHEME_PREFERENCE.property(), testCase.systemPropSetting); + } + + if (testCase.envVarSetting != null) { + helper.set(SdkSystemSetting.AWS_AUTH_SCHEME_PREFERENCE.environmentVariable(), testCase.envVarSetting); + } + + ProfileFile.Builder profileFile = ProfileFile.builder().type(ProfileFile.Type.CONFIGURATION); + + if (testCase.profileSetting != null) { + profileFile.content(new StringInputStream("[default]\n" + + ProfileProperty.AUTH_SCHEME_PREFERENCE + " = " + testCase.profileSetting)); + } else { + profileFile.content(new StringInputStream("")); + } + + AutSchemeCapturingInterceptor interceptor = new AutSchemeCapturingInterceptor(); + + builder.overrideConfiguration(c -> c.defaultProfileFile(profileFile.build()) + .defaultProfileName("default") + .addExecutionInterceptor(interceptor)); + + MultiauthClient client = builder.build(); + + try { + client.multiAuthWithOnlySigv4aAndSigv4(MultiAuthWithOnlySigv4AAndSigv4Request.builder().build()); + } catch (AutSchemeCapturingInterceptor.CaptureException e) { + // expected + } + + assertThat(interceptor.authScheme()).isEqualTo(testCase.expectedValues.get(0)); + } finally { + tearDown(); + } + } + + static Stream testCases() { + return Stream.of( + // Arguments.of(new TestCase( + // null, + // null, + // null, + // Arrays.asList("sigv4", "noauth"), + // Arrays.asList("sigv4", "noauth"), + // "Client config is used when set")), + // + // Arguments.of(new TestCase( + // null, + // null, + // "sigv4,sigv4a,bearer", + // null, + // Arrays.asList("sigv4", "sigv4a", "bearer"), + // "System property value is used")), + + Arguments.of(new TestCase( + null, + "sigv4a,sigv4,bearer", + null, + null, + Arrays.asList("sigv4a", "sigv4", "bearer"), + "Environment variable is used when other properties is null")) + + // Arguments.of(new TestCase( + // "bearer,sigv4,sigv4a", + // null, + // null, + // null, + // Arrays.asList("bearer", "sigv4", "sigv4a"), + // "Profile setting is used when others are null")), + // + // Arguments.of(new TestCase( + // "bearer,sigv4,sigv4a", + // "sigv4a,sigv4,bearer", + // "sigv4,sigv4a,bearer", + // null, + // Arrays.asList("sigv4", "sigv4a", "bearer"), + // "JVM system property has precedence over env var and profile")), + // + // Arguments.of(new TestCase( + // "bearer,sigv4,sigv4a", + // "sigv4a,sigv4,bearer", + // "sigv4,sigv4a,bearer", + // Arrays.asList("noauth", "sigv4a", "bearer"), + // Arrays.asList("noauth", "sigv4a", "bearer"), + // "Client config has highest precedence")) + ); + } + + public static class TestCase { + private final String profileSetting; + private final String envVarSetting; + private final String systemPropSetting; + private final List clientSetting; + private final List expectedValues; + private final String caseName; + + public TestCase(String profileSetting, String envVarSetting, String systemPropSetting, List clientSetting, + List expectedValues, String caseName) { + this.profileSetting = profileSetting; + this.envVarSetting = envVarSetting; + this.systemPropSetting = systemPropSetting; + this.clientSetting = clientSetting; + this.expectedValues = expectedValues; + + this.caseName = caseName; + } + + @Override + public String toString() { + return caseName; + } + } + + public static class AutSchemeCapturingInterceptor implements ExecutionInterceptor { + private final AtomicReference authScheme = new AtomicReference<>(); + + @Override + public void beforeTransmission(Context.BeforeTransmission context, ExecutionAttributes executionAttributes) { + SelectedAuthScheme scheme = executionAttributes.getAttribute(SdkInternalExecutionAttribute.SELECTED_AUTH_SCHEME); + String schemeId = scheme.authSchemeOption().schemeId(); + authScheme.set(schemeId.replace("aws.auth#", "")); + throw new CaptureException(); + } + + + public String authScheme() { + return this.authScheme.get(); + } + + public static class CaptureException extends RuntimeException { + } + } +} + + diff --git a/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/MultiAuthSigningPropertiesTest.java b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/MultiAuthSigningPropertiesTest.java index 639f5097146b..ebe63f18562f 100644 --- a/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/MultiAuthSigningPropertiesTest.java +++ b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/MultiAuthSigningPropertiesTest.java @@ -24,6 +24,7 @@ import static org.mockito.Mockito.when; import java.util.Arrays; +import java.util.List; import java.util.StringJoiner; import java.util.concurrent.CompletableFuture; import org.assertj.core.api.Assertions; @@ -34,6 +35,7 @@ import org.junit.jupiter.api.Test; import org.mockito.Mock; import org.mockito.MockitoAnnotations; +import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.http.SdkHttpClient; import software.amazon.awssdk.http.auth.aws.signer.AwsV4HttpSigner; From a0094edb3090f3cf858e53482c9a271041480b58 Mon Sep 17 00:00:00 2001 From: Alex Woods Date: Fri, 23 May 2025 08:08:37 -0700 Subject: [PATCH 06/13] Use SdkSystemSetting for both env and system --- .../auth/AuthSchemePreferenceProvider.java | 24 +++++-------------- .../amazon/awssdk/core/SdkSystemSetting.java | 3 +-- 2 files changed, 7 insertions(+), 20 deletions(-) diff --git a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java index 171a9f33ca18..7a9e00a09bdd 100644 --- a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java +++ b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java @@ -24,13 +24,11 @@ import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.profiles.Profile; import software.amazon.awssdk.profiles.ProfileFile; -import software.amazon.awssdk.profiles.ProfileFileSystemSetting; import software.amazon.awssdk.profiles.ProfileProperty; import software.amazon.awssdk.utils.Validate; @SdkProtectedApi public class AuthSchemePreferenceProvider { - private static final String AUTH_SCHEME_PREFERENCE_SYSTEM_PROPERTY = "aws.authSchemePreference"; private final Supplier profileFile; private final String profileName; @@ -44,14 +42,9 @@ public static Builder builder() { } public List resolveAuthSchemePreference() { - List jvmPrefList = fromJvmProperty(); - if (jvmPrefList != null && !jvmPrefList.isEmpty()) { - return jvmPrefList; - } - - List envVarPrefList = fromEnvVariable(); - if (envVarPrefList != null && !envVarPrefList.isEmpty()) { - return envVarPrefList; + List systemSettingList = fromSystemSetting(); + if (systemSettingList != null && !systemSettingList.isEmpty()) { + return systemSettingList; } List profileFilePrefList = fromProfileFile(); @@ -62,7 +55,7 @@ public List resolveAuthSchemePreference() { return Collections.emptyList(); } - private List fromEnvVariable() { + private List fromSystemSetting() { Optional value = SdkSystemSetting.AWS_AUTH_SCHEME_PREFERENCE.getStringValue(); if (value.isPresent()) { return parseAuthSchemeList(value.get()); @@ -70,15 +63,10 @@ private List fromEnvVariable() { return Collections.emptyList(); } - private List fromJvmProperty() { - String value = System.getProperty(AUTH_SCHEME_PREFERENCE_SYSTEM_PROPERTY); - return parseAuthSchemeList(value); - } - private List fromProfileFile() { ProfileFile profileFile = this.profileFile.get(); - Optional profile = profileFile.profile(ProfileFileSystemSetting.AWS_PROFILE.getStringValueOrThrow()); + Optional profile = profileFile.profile(profileName); String unformattedAuthSchemePreferenceList = profile @@ -114,7 +102,7 @@ private static List parseAuthSchemeList(String unformattedList) { return Collections.emptyList(); } - unformattedList = unformattedList.replaceAll("\\s+",""); + unformattedList = unformattedList.replaceAll("\\s+", ""); String[] splitByTabs = unformattedList.split("\t"); String finalFormat = String.join("", splitByTabs); return Arrays.asList(finalFormat.split(",")); diff --git a/core/sdk-core/src/main/java/software/amazon/awssdk/core/SdkSystemSetting.java b/core/sdk-core/src/main/java/software/amazon/awssdk/core/SdkSystemSetting.java index 2b37adc5091c..65889c2d08fd 100644 --- a/core/sdk-core/src/main/java/software/amazon/awssdk/core/SdkSystemSetting.java +++ b/core/sdk-core/src/main/java/software/amazon/awssdk/core/SdkSystemSetting.java @@ -263,8 +263,7 @@ public enum SdkSystemSetting implements SystemSetting { * Configure the preferred auth scheme to use. * This is a comma-delimited list of AWS auth scheme names used during signing. */ - AWS_AUTH_SCHEME_PREFERENCE("AWS_AUTH_SCHEME_PREFERENCE", null) - ; + AWS_AUTH_SCHEME_PREFERENCE("aws.authSchemePreference", null); private final String systemProperty; private final String defaultValue; From f46a7732787c94bb72ddb8f8be69183e356a03d6 Mon Sep 17 00:00:00 2001 From: Alex Woods Date: Fri, 23 May 2025 09:22:56 -0700 Subject: [PATCH 07/13] Add profiles to service pom --- services/pom.xml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/services/pom.xml b/services/pom.xml index 9ec42eaeb927..bf79123843bb 100644 --- a/services/pom.xml +++ b/services/pom.xml @@ -509,6 +509,11 @@ retries-spi ${awsjavasdk.version} + + software.amazon.awssdk + profiles + ${awsjavasdk.version} + apache-client software.amazon.awssdk From 6ae2294add68885d919dffc75fe02832667a9993 Mon Sep 17 00:00:00 2001 From: Alex Woods Date: Fri, 23 May 2025 10:21:03 -0700 Subject: [PATCH 08/13] Fix test --- .../PreferredAuthSchemeProviderTest.java | 23 +------------------ 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/PreferredAuthSchemeProviderTest.java b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/PreferredAuthSchemeProviderTest.java index 06f0ac8776d3..ad53ba5041a2 100644 --- a/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/PreferredAuthSchemeProviderTest.java +++ b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/PreferredAuthSchemeProviderTest.java @@ -30,7 +30,7 @@ public class PreferredAuthSchemeProviderTest { - private static final String OPERATION_SIGV4_ONLY = "multiAuthWithOnlySigv4a"; + private static final String OPERATION_SIGV4_ONLY = "multiAuthWithOnlySigv4"; private static final String OPERATION_SIGV4A_ONLY = "multiAuthWithOnlySigv4a"; private static final String OPERATION_SIGV4A_AND_SIGV4 = "multiAuthWithOnlySigv4aAndSigv4"; private static final String OPERATION_NOAUTH = "multiAuthNoAuth"; @@ -78,27 +78,6 @@ static Stream authSchemeTestCases() { "Operation with no auth scheme should default to Sigv4" ), - Arguments.of( - Arrays.asList(SIGV4A), - OPERATION_NOAUTH, - PREFIXED_SIGV4A, - "" - ), - - Arguments.of( - Arrays.asList(SIGV4A, SIGV4), - OPERATION_NOAUTH, - PREFIXED_SIGV4A, - "" - ), - - Arguments.of( - Arrays.asList(SIGV4A, SIGV4), - OPERATION_NOAUTH, - PREFIXED_SIGV4A, - "" - ), - Arguments.of( Arrays.asList(BEARER, SIGV4, ANONYMOUS), OPERATION_SIGV4A_AND_SIGV4, From 4ae9a446e68b4d43fa69f4cb454a728c8a04436c Mon Sep 17 00:00:00 2001 From: Alex Woods Date: Fri, 23 May 2025 10:25:41 -0700 Subject: [PATCH 09/13] Fix protocol test dependencies --- test/protocol-tests/pom.xml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/test/protocol-tests/pom.xml b/test/protocol-tests/pom.xml index f6419b41bef4..a416f50f0119 100644 --- a/test/protocol-tests/pom.xml +++ b/test/protocol-tests/pom.xml @@ -87,6 +87,11 @@ aws-core ${awsjavasdk.version} + + software.amazon.awssdk + profiles + ${awsjavasdk.version} + software.amazon.awssdk apache-client From a9e1a087d5153298f5cd171aa57d6151a7a95830 Mon Sep 17 00:00:00 2001 From: Alex Woods Date: Fri, 23 May 2025 12:00:49 -0700 Subject: [PATCH 10/13] Remove dependency on profiles (use option get in generated code instead) --- .../poet/builder/BaseClientBuilderClass.java | 29 +++++++++---------- ...test-bearer-auth-client-builder-class.java | 8 ++--- .../sra/test-client-builder-class.java | 8 ++--- ...-client-builder-endpoints-auth-params.java | 8 ++--- ...lient-builder-internal-defaults-class.java | 8 ++--- ...-composed-sync-default-client-builder.java | 8 ++--- ...ulti-auth-sigv4a-client-builder-class.java | 8 ++--- ...test-no-auth-ops-client-builder-class.java | 8 ++--- ...-no-auth-service-client-builder-class.java | 8 ++--- .../sra/test-query-client-builder-class.java | 8 ++--- .../auth/AuthSchemePreferenceProvider.java | 22 ++++++++++---- services/pom.xml | 5 ---- test/protocol-tests/pom.xml | 5 ---- 13 files changed, 66 insertions(+), 67 deletions(-) diff --git a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java index afb0d7cd8ca7..ff7caa9c53c0 100644 --- a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java +++ b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java @@ -443,7 +443,7 @@ private MethodSpec finalizeServiceConfigurationMethod() { // serviceConfigBuilder; the service configuration classes (e.g. S3Configuration) return primitive booleans that // have a default when not present. builder.addStatement("builder.option($T.DUALSTACK_ENDPOINT_ENABLED, serviceConfigBuilder.dualstackEnabled())", - AwsClientOption.class); + AwsClientOption.class); } if (model.getCustomizationConfig().getServiceConfig().hasFipsProperty()) { @@ -453,14 +453,14 @@ private MethodSpec finalizeServiceConfigurationMethod() { if (model.getEndpointOperation().isPresent()) { builder.addStatement("builder.option($T.ENDPOINT_DISCOVERY_ENABLED, endpointDiscoveryEnabled)\n", - SdkClientOption.class); + SdkClientOption.class); } if (StringUtils.isNotBlank(model.getCustomizationConfig().getCustomRetryStrategy())) { builder.addStatement("builder.option($1T.RETRY_STRATEGY, $2T.resolveRetryStrategy(config))", - SdkClientOption.class, - PoetUtils.classNameFromFqcn(model.getCustomizationConfig().getCustomRetryStrategy())); + SdkClientOption.class, + PoetUtils.classNameFromFqcn(model.getCustomizationConfig().getCustomRetryStrategy())); } if (StringUtils.isNotBlank(model.getCustomizationConfig().getCustomRetryPolicy())) { @@ -486,7 +486,7 @@ private MethodSpec finalizeServiceConfigurationMethod() { if (endpointParamsKnowledgeIndex.hasAccountIdEndpointModeBuiltIn()) { builder.addStatement("builder.option($T.$L, resolveAccountIdEndpointMode(config))", - AwsClientOption.class, model.getNamingStrategy().getEnumValueName("accountIdEndpointMode")); + AwsClientOption.class, model.getNamingStrategy().getEnumValueName("accountIdEndpointMode")); } String serviceNameForEnvVar = model.getNamingStrategy().getServiceNameForEnvironmentVariables(); @@ -832,14 +832,13 @@ private MethodSpec defaultAuthSchemeProviderMethod() { .addModifiers(PRIVATE) .addParameter(SdkClientConfiguration.class, "config") .returns(authSchemeSpecUtils.providerInterfaceName()) - .addStatement("$T builder = " - + "$T.builder()", - AuthSchemePreferenceProvider.Builder.class, AuthSchemePreferenceProvider.class) - .addStatement("config.asOverrideConfiguration().defaultProfileFile().ifPresent(profileFile -> builder" - + ".profileFile(() -> profileFile))") - .addStatement("config.asOverrideConfiguration().defaultProfileName().ifPresent(profileName -> builder" - + ".profileName(profileName))") - .addStatement("List preferences = builder.build().resolveAuthSchemePreference()") + .addCode("$T authSchemePreferenceProvider = " + + "$T.builder()", + AuthSchemePreferenceProvider.class, AuthSchemePreferenceProvider.class) + .addCode(".profileFile(config.option($T.PROFILE_FILE_SUPPLIER))", SdkClientOption.class) + .addCode(".profileName(config.option($T.PROFILE_NAME))", SdkClientOption.class) + .addStatement(".build()") + .addStatement("List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference()") .beginControlFlow("if(preferences != null && !preferences.isEmpty())") .addStatement("return $T.builder().withPreferredAuthSchemes(preferences).build()", authSchemeSpecUtils.providerInterfaceName()) @@ -979,10 +978,10 @@ private MethodSpec internalPluginsMethod() { List internalPlugins = model.getCustomizationConfig().getInternalPlugins(); if (internalPlugins.isEmpty()) { return builder.addStatement("return $T.emptyList()", Collections.class) - .build(); + .build(); } - builder.addStatement("$T internalPlugins = new $T<>()", parameterizedTypeName, ArrayList.class); + builder.addStatement("$T internalPlugins = new $T<>()", parameterizedTypeName, ArrayList.class); for (String internalPlugin : internalPlugins) { String arguments = internalPluginNewArguments(internalPlugin); diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-bearer-auth-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-bearer-auth-client-builder-class.java index e96012812a4f..987b1f30ea9a 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-bearer-auth-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-bearer-auth-client-builder-class.java @@ -128,10 +128,10 @@ public B authSchemeProvider(JsonAuthSchemeProvider authSchemeProvider) { } private JsonAuthSchemeProvider defaultAuthSchemeProvider(SdkClientConfiguration config) { - AuthSchemePreferenceProvider.Builder builder = AuthSchemePreferenceProvider.builder(); - config.asOverrideConfiguration().defaultProfileFile().ifPresent(profileFile -> builder.profileFile(() -> profileFile)); - config.asOverrideConfiguration().defaultProfileName().ifPresent(profileName -> builder.profileName(profileName)); - List preferences = builder.build().resolveAuthSchemePreference(); + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder() + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)).build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); if (preferences != null && !preferences.isEmpty()) { return JsonAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-class.java index 13fa4cf20907..540071d01a7d 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-class.java @@ -227,10 +227,10 @@ public B authSchemeProvider(JsonAuthSchemeProvider authSchemeProvider) { } private JsonAuthSchemeProvider defaultAuthSchemeProvider(SdkClientConfiguration config) { - AuthSchemePreferenceProvider.Builder builder = AuthSchemePreferenceProvider.builder(); - config.asOverrideConfiguration().defaultProfileFile().ifPresent(profileFile -> builder.profileFile(() -> profileFile)); - config.asOverrideConfiguration().defaultProfileName().ifPresent(profileName -> builder.profileName(profileName)); - List preferences = builder.build().resolveAuthSchemePreference(); + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder() + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)).build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); if (preferences != null && !preferences.isEmpty()) { return JsonAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-endpoints-auth-params.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-endpoints-auth-params.java index 48577e0c6290..276718ae1f92 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-endpoints-auth-params.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-endpoints-auth-params.java @@ -145,10 +145,10 @@ public B authSchemeProvider(QueryAuthSchemeProvider authSchemeProvider) { } private QueryAuthSchemeProvider defaultAuthSchemeProvider(SdkClientConfiguration config) { - AuthSchemePreferenceProvider.Builder builder = AuthSchemePreferenceProvider.builder(); - config.asOverrideConfiguration().defaultProfileFile().ifPresent(profileFile -> builder.profileFile(() -> profileFile)); - config.asOverrideConfiguration().defaultProfileName().ifPresent(profileName -> builder.profileName(profileName)); - List preferences = builder.build().resolveAuthSchemePreference(); + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder() + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)).build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); if (preferences != null && !preferences.isEmpty()) { return QueryAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-internal-defaults-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-internal-defaults-class.java index b439ee3df905..5d2e21ff4184 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-internal-defaults-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-internal-defaults-class.java @@ -128,10 +128,10 @@ public B authSchemeProvider(JsonAuthSchemeProvider authSchemeProvider) { } private JsonAuthSchemeProvider defaultAuthSchemeProvider(SdkClientConfiguration config) { - AuthSchemePreferenceProvider.Builder builder = AuthSchemePreferenceProvider.builder(); - config.asOverrideConfiguration().defaultProfileFile().ifPresent(profileFile -> builder.profileFile(() -> profileFile)); - config.asOverrideConfiguration().defaultProfileName().ifPresent(profileName -> builder.profileName(profileName)); - List preferences = builder.build().resolveAuthSchemePreference(); + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder() + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)).build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); if (preferences != null && !preferences.isEmpty()) { return JsonAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-composed-sync-default-client-builder.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-composed-sync-default-client-builder.java index 723fb7e51258..439d818c8922 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-composed-sync-default-client-builder.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-composed-sync-default-client-builder.java @@ -150,10 +150,10 @@ public B authSchemeProvider(JsonAuthSchemeProvider authSchemeProvider) { } private JsonAuthSchemeProvider defaultAuthSchemeProvider(SdkClientConfiguration config) { - AuthSchemePreferenceProvider.Builder builder = AuthSchemePreferenceProvider.builder(); - config.asOverrideConfiguration().defaultProfileFile().ifPresent(profileFile -> builder.profileFile(() -> profileFile)); - config.asOverrideConfiguration().defaultProfileName().ifPresent(profileName -> builder.profileName(profileName)); - List preferences = builder.build().resolveAuthSchemePreference(); + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder() + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)).build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); if (preferences != null && !preferences.isEmpty()) { return JsonAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-multi-auth-sigv4a-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-multi-auth-sigv4a-client-builder-class.java index ba9c6fc26357..961f1ca7ffd0 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-multi-auth-sigv4a-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-multi-auth-sigv4a-client-builder-class.java @@ -123,10 +123,10 @@ public B authSchemeProvider(DatabaseAuthSchemeProvider authSchemeProvider) { } private DatabaseAuthSchemeProvider defaultAuthSchemeProvider(SdkClientConfiguration config) { - AuthSchemePreferenceProvider.Builder builder = AuthSchemePreferenceProvider.builder(); - config.asOverrideConfiguration().defaultProfileFile().ifPresent(profileFile -> builder.profileFile(() -> profileFile)); - config.asOverrideConfiguration().defaultProfileName().ifPresent(profileName -> builder.profileName(profileName)); - List preferences = builder.build().resolveAuthSchemePreference(); + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder() + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)).build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); if (preferences != null && !preferences.isEmpty()) { return DatabaseAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-ops-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-ops-client-builder-class.java index 8fca8dc07caf..034878e97c61 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-ops-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-ops-client-builder-class.java @@ -122,10 +122,10 @@ public B authSchemeProvider(DatabaseAuthSchemeProvider authSchemeProvider) { } private DatabaseAuthSchemeProvider defaultAuthSchemeProvider(SdkClientConfiguration config) { - AuthSchemePreferenceProvider.Builder builder = AuthSchemePreferenceProvider.builder(); - config.asOverrideConfiguration().defaultProfileFile().ifPresent(profileFile -> builder.profileFile(() -> profileFile)); - config.asOverrideConfiguration().defaultProfileName().ifPresent(profileName -> builder.profileName(profileName)); - List preferences = builder.build().resolveAuthSchemePreference(); + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder() + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)).build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); if (preferences != null && !preferences.isEmpty()) { return DatabaseAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-service-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-service-client-builder-class.java index 653403fedc4c..0fed20118bf7 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-service-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-service-client-builder-class.java @@ -115,10 +115,10 @@ public B authSchemeProvider(DatabaseAuthSchemeProvider authSchemeProvider) { } private DatabaseAuthSchemeProvider defaultAuthSchemeProvider(SdkClientConfiguration config) { - AuthSchemePreferenceProvider.Builder builder = AuthSchemePreferenceProvider.builder(); - config.asOverrideConfiguration().defaultProfileFile().ifPresent(profileFile -> builder.profileFile(() -> profileFile)); - config.asOverrideConfiguration().defaultProfileName().ifPresent(profileName -> builder.profileName(profileName)); - List preferences = builder.build().resolveAuthSchemePreference(); + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder() + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)).build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); if (preferences != null && !preferences.isEmpty()) { return DatabaseAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); } diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-query-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-query-client-builder-class.java index e881e5b08c93..4b8d38d972ee 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-query-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-query-client-builder-class.java @@ -143,10 +143,10 @@ public B authSchemeProvider(QueryAuthSchemeProvider authSchemeProvider) { } private QueryAuthSchemeProvider defaultAuthSchemeProvider(SdkClientConfiguration config) { - AuthSchemePreferenceProvider.Builder builder = AuthSchemePreferenceProvider.builder(); - config.asOverrideConfiguration().defaultProfileFile().ifPresent(profileFile -> builder.profileFile(() -> profileFile)); - config.asOverrideConfiguration().defaultProfileName().ifPresent(profileName -> builder.profileName(profileName)); - List preferences = builder.build().resolveAuthSchemePreference(); + AuthSchemePreferenceProvider authSchemePreferenceProvider = AuthSchemePreferenceProvider.builder() + .profileFile(config.option(SdkClientOption.PROFILE_FILE_SUPPLIER)) + .profileName(config.option(SdkClientOption.PROFILE_NAME)).build(); + List preferences = authSchemePreferenceProvider.resolveAuthSchemePreference(); if (preferences != null && !preferences.isEmpty()) { return QueryAuthSchemeProvider.builder().withPreferredAuthSchemes(preferences).build(); } diff --git a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java index 7a9e00a09bdd..b48a3e0920da 100644 --- a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java +++ b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java @@ -20,21 +20,31 @@ import java.util.List; import java.util.Optional; import java.util.function.Supplier; -import software.amazon.awssdk.annotations.SdkProtectedApi; +import software.amazon.awssdk.annotations.SdkInternalApi; import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.profiles.Profile; import software.amazon.awssdk.profiles.ProfileFile; +import software.amazon.awssdk.profiles.ProfileFileSystemSetting; import software.amazon.awssdk.profiles.ProfileProperty; -import software.amazon.awssdk.utils.Validate; +import software.amazon.awssdk.utils.Lazy; -@SdkProtectedApi +@SdkInternalApi public class AuthSchemePreferenceProvider { private final Supplier profileFile; private final String profileName; private AuthSchemePreferenceProvider(Builder builder) { - this.profileFile = Validate.paramNotNull(builder.profileFile, "profileFile"); - this.profileName = builder.profileName; + if (builder.profileFile != null) { + this.profileFile = builder.profileFile; + } else { + this.profileFile = new Lazy<>(ProfileFile::defaultProfileFile)::getValue; + } + + if (builder.profileName != null) { + this.profileName = builder.profileName; + } else { + this.profileName = ProfileFileSystemSetting.AWS_PROFILE.getStringValueOrThrow(); + } } public static Builder builder() { @@ -79,7 +89,7 @@ private List fromProfileFile() { } public static final class Builder { - private Supplier profileFile = ProfileFile::defaultProfileFile; + private Supplier profileFile; private String profileName; public AuthSchemePreferenceProvider.Builder profileFile(Supplier profileFile) { diff --git a/services/pom.xml b/services/pom.xml index bf79123843bb..9ec42eaeb927 100644 --- a/services/pom.xml +++ b/services/pom.xml @@ -509,11 +509,6 @@ retries-spi ${awsjavasdk.version} - - software.amazon.awssdk - profiles - ${awsjavasdk.version} - apache-client software.amazon.awssdk diff --git a/test/protocol-tests/pom.xml b/test/protocol-tests/pom.xml index a416f50f0119..f6419b41bef4 100644 --- a/test/protocol-tests/pom.xml +++ b/test/protocol-tests/pom.xml @@ -87,11 +87,6 @@ aws-core ${awsjavasdk.version} - - software.amazon.awssdk - profiles - ${awsjavasdk.version} - software.amazon.awssdk apache-client From 73e0564a778d8a5f446d6c73ce555fe967b94b99 Mon Sep 17 00:00:00 2001 From: Alex Woods Date: Fri, 23 May 2025 12:27:29 -0700 Subject: [PATCH 11/13] Fix checkstyle --- .../awscore/internal/auth/AuthSchemePreferenceProvider.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java index b48a3e0920da..b61f3d934aeb 100644 --- a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java +++ b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java @@ -37,7 +37,7 @@ private AuthSchemePreferenceProvider(Builder builder) { if (builder.profileFile != null) { this.profileFile = builder.profileFile; } else { - this.profileFile = new Lazy<>(ProfileFile::defaultProfileFile)::getValue; + this.profileFile = new Lazy<>(ProfileFile::defaultProfileFile)::getValue; } if (builder.profileName != null) { From e20c0414f7aa3f492f4a939c348c85dc85c65554 Mon Sep 17 00:00:00 2001 From: Alex Woods Date: Fri, 23 May 2025 13:17:49 -0700 Subject: [PATCH 12/13] Move AuthSchemePreferenceProvider out of internal module --- .../awssdk/codegen/poet/builder/BaseClientBuilderClass.java | 2 +- .../builder/sra/test-bearer-auth-client-builder-class.java | 2 +- .../codegen/poet/builder/sra/test-client-builder-class.java | 2 +- .../sra/test-client-builder-endpoints-auth-params.java | 2 +- .../sra/test-client-builder-internal-defaults-class.java | 2 +- .../sra/test-composed-sync-default-client-builder.java | 2 +- .../sra/test-multi-auth-sigv4a-client-builder-class.java | 2 +- .../builder/sra/test-no-auth-ops-client-builder-class.java | 2 +- .../sra/test-no-auth-service-client-builder-class.java | 2 +- .../poet/builder/sra/test-query-client-builder-class.java | 2 +- .../{internal => }/auth/AuthSchemePreferenceProvider.java | 6 +++--- .../multiauth/AuthSchemePreferenceProviderTest.java | 2 +- .../services/multiauth/MultiAuthSigningPropertiesTest.java | 2 -- 13 files changed, 14 insertions(+), 16 deletions(-) rename core/aws-core/src/main/java/software/amazon/awssdk/awscore/{internal => }/auth/AuthSchemePreferenceProvider.java (96%) diff --git a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java index ff7caa9c53c0..e8da76165a92 100644 --- a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java +++ b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java @@ -46,7 +46,7 @@ import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; -import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; +import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.codegen.internal.Utils; import software.amazon.awssdk.codegen.model.intermediate.IntermediateModel; import software.amazon.awssdk.codegen.model.intermediate.OperationModel; diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-bearer-auth-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-bearer-auth-client-builder-class.java index 987b1f30ea9a..d09f14ced763 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-bearer-auth-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-bearer-auth-client-builder-class.java @@ -10,10 +10,10 @@ import software.amazon.awssdk.annotations.SdkInternalApi; import software.amazon.awssdk.auth.credentials.TokenUtils; import software.amazon.awssdk.auth.token.credentials.aws.DefaultAwsTokenProvider; +import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; -import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-class.java index 540071d01a7d..a2f2668cd4de 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-class.java @@ -12,10 +12,10 @@ import software.amazon.awssdk.annotations.SdkInternalApi; import software.amazon.awssdk.auth.credentials.TokenUtils; import software.amazon.awssdk.auth.token.credentials.aws.DefaultAwsTokenProvider; +import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; -import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.codegen.poet.plugins.InternalTestPlugin1; import software.amazon.awssdk.codegen.poet.plugins.InternalTestPlugin2; diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-endpoints-auth-params.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-endpoints-auth-params.java index 276718ae1f92..11333a836f9e 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-endpoints-auth-params.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-endpoints-auth-params.java @@ -10,12 +10,12 @@ import software.amazon.awssdk.annotations.SdkInternalApi; import software.amazon.awssdk.auth.credentials.TokenUtils; import software.amazon.awssdk.auth.token.credentials.aws.DefaultAwsTokenProvider; +import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; import software.amazon.awssdk.awscore.endpoints.AccountIdEndpointMode; import software.amazon.awssdk.awscore.endpoints.AccountIdEndpointModeResolver; -import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.checksums.RequestChecksumCalculation; diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-internal-defaults-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-internal-defaults-class.java index 5d2e21ff4184..981c3ac3c19f 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-internal-defaults-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-client-builder-internal-defaults-class.java @@ -8,10 +8,10 @@ import java.util.function.Consumer; import software.amazon.awssdk.annotations.Generated; import software.amazon.awssdk.annotations.SdkInternalApi; +import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; -import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-composed-sync-default-client-builder.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-composed-sync-default-client-builder.java index 439d818c8922..bd3ca4d6af4e 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-composed-sync-default-client-builder.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-composed-sync-default-client-builder.java @@ -10,10 +10,10 @@ import software.amazon.awssdk.annotations.SdkInternalApi; import software.amazon.awssdk.auth.credentials.TokenUtils; import software.amazon.awssdk.auth.token.credentials.aws.DefaultAwsTokenProvider; +import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; -import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.checksums.RequestChecksumCalculation; diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-multi-auth-sigv4a-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-multi-auth-sigv4a-client-builder-class.java index 961f1ca7ffd0..e5f70c733bb2 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-multi-auth-sigv4a-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-multi-auth-sigv4a-client-builder-class.java @@ -8,10 +8,10 @@ import java.util.function.Consumer; import software.amazon.awssdk.annotations.Generated; import software.amazon.awssdk.annotations.SdkInternalApi; +import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; -import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-ops-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-ops-client-builder-class.java index 034878e97c61..40e2d957a64a 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-ops-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-ops-client-builder-class.java @@ -8,10 +8,10 @@ import java.util.function.Consumer; import software.amazon.awssdk.annotations.Generated; import software.amazon.awssdk.annotations.SdkInternalApi; +import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; -import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-service-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-service-client-builder-class.java index 0fed20118bf7..73078fd11aad 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-service-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-no-auth-service-client-builder-class.java @@ -8,10 +8,10 @@ import java.util.function.Consumer; import software.amazon.awssdk.annotations.Generated; import software.amazon.awssdk.annotations.SdkInternalApi; +import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; -import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; diff --git a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-query-client-builder-class.java b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-query-client-builder-class.java index 4b8d38d972ee..f726752861f5 100644 --- a/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-query-client-builder-class.java +++ b/codegen/src/test/resources/software/amazon/awssdk/codegen/poet/builder/sra/test-query-client-builder-class.java @@ -10,12 +10,12 @@ import software.amazon.awssdk.annotations.SdkInternalApi; import software.amazon.awssdk.auth.credentials.TokenUtils; import software.amazon.awssdk.auth.token.credentials.aws.DefaultAwsTokenProvider; +import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; import software.amazon.awssdk.awscore.endpoints.AccountIdEndpointMode; import software.amazon.awssdk.awscore.endpoints.AccountIdEndpointModeResolver; -import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.retry.AwsRetryStrategy; import software.amazon.awssdk.core.SdkPlugin; import software.amazon.awssdk.core.checksums.RequestChecksumCalculation; diff --git a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/auth/AuthSchemePreferenceProvider.java similarity index 96% rename from core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java rename to core/aws-core/src/main/java/software/amazon/awssdk/awscore/auth/AuthSchemePreferenceProvider.java index b61f3d934aeb..4debf6407150 100644 --- a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/auth/AuthSchemePreferenceProvider.java +++ b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/auth/AuthSchemePreferenceProvider.java @@ -13,14 +13,14 @@ * permissions and limitations under the License. */ -package software.amazon.awssdk.awscore.internal.auth; +package software.amazon.awssdk.awscore.auth; import java.util.Arrays; import java.util.Collections; import java.util.List; import java.util.Optional; import java.util.function.Supplier; -import software.amazon.awssdk.annotations.SdkInternalApi; +import software.amazon.awssdk.annotations.SdkProtectedApi; import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.profiles.Profile; import software.amazon.awssdk.profiles.ProfileFile; @@ -28,7 +28,7 @@ import software.amazon.awssdk.profiles.ProfileProperty; import software.amazon.awssdk.utils.Lazy; -@SdkInternalApi +@SdkProtectedApi public class AuthSchemePreferenceProvider { private final Supplier profileFile; private final String profileName; diff --git a/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/AuthSchemePreferenceProviderTest.java b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/AuthSchemePreferenceProviderTest.java index d52f3418341f..b4abb4fe4f3f 100644 --- a/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/AuthSchemePreferenceProviderTest.java +++ b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/AuthSchemePreferenceProviderTest.java @@ -28,7 +28,7 @@ import org.junit.jupiter.params.provider.Arguments; import org.junit.jupiter.params.provider.MethodSource; import software.amazon.awssdk.auth.credentials.AnonymousCredentialsProvider; -import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; +import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.core.SelectedAuthScheme; import software.amazon.awssdk.core.interceptor.Context; diff --git a/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/MultiAuthSigningPropertiesTest.java b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/MultiAuthSigningPropertiesTest.java index ebe63f18562f..639f5097146b 100644 --- a/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/MultiAuthSigningPropertiesTest.java +++ b/test/codegen-generated-classes-test/src/test/java/software/amazon/awssdk/services/multiauth/MultiAuthSigningPropertiesTest.java @@ -24,7 +24,6 @@ import static org.mockito.Mockito.when; import java.util.Arrays; -import java.util.List; import java.util.StringJoiner; import java.util.concurrent.CompletableFuture; import org.assertj.core.api.Assertions; @@ -35,7 +34,6 @@ import org.junit.jupiter.api.Test; import org.mockito.Mock; import org.mockito.MockitoAnnotations; -import software.amazon.awssdk.awscore.internal.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.http.SdkHttpClient; import software.amazon.awssdk.http.auth.aws.signer.AwsV4HttpSigner; From cb2d5a0d939a2783434fb94d45f86e7fbfd95217 Mon Sep 17 00:00:00 2001 From: Alex Woods Date: Fri, 23 May 2025 13:51:10 -0700 Subject: [PATCH 13/13] More checkstyle fixes --- .../awssdk/codegen/poet/builder/BaseClientBuilderClass.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java index e8da76165a92..25dddc17aa2d 100644 --- a/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java +++ b/codegen/src/main/java/software/amazon/awssdk/codegen/poet/builder/BaseClientBuilderClass.java @@ -43,10 +43,10 @@ import software.amazon.awssdk.auth.signer.Aws4Signer; import software.amazon.awssdk.auth.token.credentials.aws.DefaultAwsTokenProvider; import software.amazon.awssdk.auth.token.signer.aws.BearerTokenSigner; +import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.awscore.client.builder.AwsDefaultClientBuilder; import software.amazon.awssdk.awscore.client.config.AwsClientOption; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; -import software.amazon.awssdk.awscore.auth.AuthSchemePreferenceProvider; import software.amazon.awssdk.codegen.internal.Utils; import software.amazon.awssdk.codegen.model.intermediate.IntermediateModel; import software.amazon.awssdk.codegen.model.intermediate.OperationModel;