Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Endpoint Params to AuthSchemeParams for MultiAuth Scheme Resolution #5797

Closed
wants to merge 21 commits into from
Closed

Add Endpoint Params to AuthSchemeParams for MultiAuth Scheme Resolution #5797

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
44348f2
Update AuthScemeParams with RegionSet for Sigv4a auth Scheme
joviegas Dec 30, 2024
0c019d4
Update Codegen AuthSchemeInterceptorSpec to update RegionSet for Auth…
joviegas Jan 1, 2025
5b1ac51
Rebase
joviegas Jan 1, 2025
c7fba53
updated method name
joviegas Jan 2, 2025
2d83907
Merge branch 'master' into joviegas/autheme_params_spec
joviegas Jan 3, 2025
36d1e4b
Merge branch 'feature/master/multi-auth-sigv4a' into joviegas/autheme…
joviegas Jan 3, 2025
ab6ca72
Adding sigv4aResionSet client builder for services which has Sigv4a i…
joviegas Jan 3, 2025
b837482
Adding Codegen support for unsignedPayload model trait for multi-auth…
joviegas Jan 7, 2025
22ecdf6
Adding Codegen support for unsignedPayload model trait for multi-auth…
joviegas Jan 7, 2025
110916e
Merge branch 'feature/master/multi-auth-sigv4a' into joviegas/autheme…
joviegas Jan 7, 2025
278eb7c
rebase
joviegas Jan 7, 2025
bb3beca
Adding Codegen support for unsignedPayload model trait for multi-auth…
joviegas Jan 7, 2025
1825f54
Handled comments
joviegas Jan 8, 2025
ee5a7c5
updated variable names
joviegas Jan 8, 2025
292dbc4
Merge branch 'feature/master/multi-auth-sigv4a' into joviegas/autheme…
joviegas Jan 8, 2025
5a742a5
Add Endpoint Params in Auth Scheme params for MultiAuth Sigv4/4a and …
joviegas Jan 15, 2025
b5c623b
revert enableEndpointAuthSchemeParams as endpointBasedAuthSchemeParam…
joviegas Jan 15, 2025
2938bcb
Typo errors
joviegas Jan 15, 2025
60b7d08
Merge branch 'feature/master/multi-auth-sigv4a' into joviegas/autheme…
joviegas Jan 16, 2025
3ee618d
Handled comments
joviegas Jan 16, 2025
711935d
Added AuthSchemed Interceptor changes to populate AuthScheme Params f…
joviegas Jan 18, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions ...src/main/java/software/amazon/awssdk/codegen/emitters/tasks/AuthSchemeGeneratorTasks.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,8 @@ protected List<GeneratorTask> createTasks() {
tasks.add(generateAuthSchemeInterceptor());
if (authSchemeSpecUtils.useEndpointBasedAuthProvider()) {
tasks.add(generateEndpointBasedProvider());
}
if (authSchemeSpecUtils.useEndpointParamsInAuthScheme()) {
tasks.add(generateEndpointAwareAuthSchemeParams());
}
return tasks;
Expand Down
40 changes: 20 additions & 20 deletions .../main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeInterceptorSpec.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@
import software.amazon.awssdk.metrics.MetricCollector;
import software.amazon.awssdk.metrics.SdkMetric;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.utils.CollectionUtils;
import software.amazon.awssdk.utils.Logger;
import software.amazon.awssdk.utils.Validate;

Expand Down Expand Up @@ -146,20 +147,23 @@ private MethodSpec generateAuthSchemeParams() {
.addParameter(SdkRequest.class, "request")
.addParameter(ExecutionAttributes.class, "executionAttributes");

if (!authSchemeSpecUtils.useEndpointBasedAuthProvider()) {
if (!authSchemeSpecUtils.useEndpointParamsInAuthScheme()) {
builder.addStatement("$T operation = executionAttributes.getAttribute($T.OPERATION_NAME)", String.class,
SdkExecutionAttribute.class);
builder.addStatement("$T.Builder builder = $T.builder().operation(operation)",
authSchemeSpecUtils.parametersInterfaceName(),
authSchemeSpecUtils.parametersInterfaceName());

if (authSchemeSpecUtils.usesSigV4()) {
builder.addStatement("$T region = executionAttributes.getAttribute($T.AWS_REGION)", Region.class,
AwsExecutionAttribute.class);
builder.addStatement("builder.region(region)");
builder.addStatement("return $T.builder()"
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reverted this fix back to master , since these changes were not required as we are using same code as EndpointBased params

+ ".operation(operation)"
+ ".region(region)"
+ ".build()",
authSchemeSpecUtils.parametersInterfaceName());
} else {
builder.addStatement("return $T.builder()"
+ ".operation(operation)"
+ ".build()",
authSchemeSpecUtils.parametersInterfaceName());
}
generateSigv4aRegionSet(builder);
builder.addStatement("return builder.build()");
return builder.build();
}

Expand Down Expand Up @@ -196,7 +200,9 @@ private MethodSpec generateAuthSchemeParams() {
builder.addStatement("(($T)builder).endpointProvider(($T)endpointProvider)", paramsBuilderClass, endpointProviderClass);
builder.endControlFlow();
builder.endControlFlow();
// TODO: Implement addRegionSet() for legacy services that resolve authentication from endpoints in one of next PRs.
if (authSchemeSpecUtils.hasMultiAuthSigvOrSigv4a()) {
generateSigv4aRegionSet(builder);
}
builder.addStatement("return builder.build()");
return builder.build();
}
Expand Down Expand Up @@ -452,19 +458,13 @@ private TypeName toTypeName(Object valueType) {
private void generateSigv4aRegionSet(MethodSpec.Builder builder) {
if (authSchemeSpecUtils.usesSigV4a()) {
builder.addStatement(
"$T regionSet = executionAttributes.getOptionalAttribute($T.AWS_SIGV4A_SIGNING_REGION_SET)\n" +
" .filter(regions -> !regions.isEmpty())\n" +
" .map(regions -> $T.create(String.join(\", \", regions)))\n" +
" .orElseGet(() -> {\n" +
" $T fallbackRegion = executionAttributes.getAttribute($T.AWS_REGION);\n" +
" return fallbackRegion != null ? $T.create(fallbackRegion.toString()) : null;\n" +
" });",
RegionSet.class, AwsExecutionAttribute.class,
RegionSet.class, Region.class, AwsExecutionAttribute.class,
"executionAttributes.getOptionalAttribute($T.AWS_SIGV4A_SIGNING_REGION_SET)\n" +
" .filter(regionSet -> !$T.isNullOrEmpty(regionSet))\n" +
" .ifPresent(nonEmptyRegionSet -> builder.regionSet($T.create(nonEmptyRegionSet)))",
AwsExecutionAttribute.class,
CollectionUtils.class,
RegionSet.class
);

builder.addStatement("builder.regionSet(regionSet)");
}
}
}
4 changes: 2 additions & 2 deletions ...n/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeParamsSpec.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -131,7 +131,7 @@ private void addAccessorMethods(TypeSpec.Builder b) {
.build());
}

if (authSchemeSpecUtils.generateEndpointBasedParams()) {
if (authSchemeSpecUtils.useEndpointParamsInAuthScheme()) {
parameters().forEach((name, model) -> {
if (authSchemeSpecUtils.includeParam(name)) {
MethodSpec accessor = endpointRulesSpecUtils.parameterInterfaceAccessorMethod(name, model);
Expand Down Expand Up @@ -184,7 +184,7 @@ private void addBuilderSetterMethods(TypeSpec.Builder b) {

}

if (authSchemeSpecUtils.generateEndpointBasedParams()) {
if (authSchemeSpecUtils.useEndpointParamsInAuthScheme()) {
parameters().forEach((name, model) -> {
if (authSchemeSpecUtils.includeParam(name)) {
ClassName parametersInterfaceName = authSchemeSpecUtils.parametersInterfaceName();
Expand Down
21 changes: 21 additions & 0 deletions ...en/src/main/java/software/amazon/awssdk/codegen/poet/auth/scheme/AuthSchemeSpecUtils.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,10 @@
import java.util.Set;
import software.amazon.awssdk.codegen.model.config.customization.CustomizationConfig;
import software.amazon.awssdk.codegen.model.intermediate.IntermediateModel;
import software.amazon.awssdk.codegen.model.service.AuthType;
import software.amazon.awssdk.codegen.utils.AuthUtils;
import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption;
import software.amazon.awssdk.utils.CollectionUtils;

public final class AuthSchemeSpecUtils {
private static final Set<String> DEFAULT_AUTH_SCHEME_PARAMS = setOf("region", "operation");
Expand Down Expand Up @@ -147,6 +149,25 @@ public boolean includeParamForProvider(String name) {
return true;
}

//Multi-Auth option determined by "auth" trait on Service model or operation model.
public boolean hasMultiAuthSigvOrSigv4a() {
List<AuthType> authList = intermediateModel.getMetadata().getAuth();

return (!CollectionUtils.isNullOrEmpty(authList) &&
authList.stream().anyMatch(authType -> authType == AuthType.V4 || authType == AuthType.V4A))
||
intermediateModel.getOperations()
.values()
.stream()
.flatMap(operationModel -> operationModel.getAuth().stream())
.anyMatch(authType -> authType == AuthType.V4 || authType == AuthType.V4A);
}

//Include Endpoint params in Auth Schemes to resolve the Endpoint for obtaining Signing properties in Multi Auth.
public boolean useEndpointParamsInAuthScheme() {
return generateEndpointBasedParams() || hasMultiAuthSigvOrSigv4a();
}

public String serviceName() {
return intermediateModel.getMetadata().getServiceName();
}
Expand Down
12 changes: 6 additions & 6 deletions ...ain/java/software/amazon/awssdk/codegen/poet/auth/scheme/DefaultAuthSchemeParamsSpec.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ public TypeSpec poetSpec() {
.addMethod(builderMethod())
.addType(builderImplSpec());

if (authSchemeSpecUtils.useEndpointBasedAuthProvider()) {
if (authSchemeSpecUtils.useEndpointParamsInAuthScheme()) {
b.addSuperinterface(authSchemeSpecUtils.parametersEndpointAwareDefaultImplName());
}

Expand All @@ -84,7 +84,7 @@ private MethodSpec constructor() {
b.addStatement("this.regionSet = builder.regionSet");
}

if (authSchemeSpecUtils.generateEndpointBasedParams()) {
if (authSchemeSpecUtils.useEndpointParamsInAuthScheme()) {
parameters().forEach((name, model) -> {
if (authSchemeSpecUtils.includeParam(name)) {
String fieldName = authSchemeSpecUtils.paramMethodName(name);
Expand Down Expand Up @@ -122,7 +122,7 @@ private TypeSpec builderImplSpec() {
.addModifiers(Modifier.PRIVATE, Modifier.STATIC, Modifier.FINAL)
.addSuperinterface(authSchemeSpecUtils.parametersInterfaceBuilderInterfaceName());

if (authSchemeSpecUtils.useEndpointBasedAuthProvider()) {
if (authSchemeSpecUtils.useEndpointParamsInAuthScheme()) {
b.addSuperinterface(authSchemeSpecUtils.parametersEndpointAwareDefaultImplName().nestedClass("Builder"));
}

Expand Down Expand Up @@ -153,7 +153,7 @@ private void addBuilderConstructors(TypeSpec.Builder b) {
if (authSchemeSpecUtils.usesSigV4a()) {
builderFromInstance.addStatement("this.regionSet = params.regionSet");
}
if (authSchemeSpecUtils.generateEndpointBasedParams()) {
if (authSchemeSpecUtils.useEndpointParamsInAuthScheme()) {
parameters().forEach((name, model) -> {
if (authSchemeSpecUtils.includeParam(name)) {
builderFromInstance.addStatement("this.$1N = params.$1N", endpointRulesSpecUtils.variableName(name));
Expand Down Expand Up @@ -202,7 +202,7 @@ private void addFieldsAndAccessors(TypeSpec.Builder b) {
.build());
}

if (authSchemeSpecUtils.generateEndpointBasedParams()) {
if (authSchemeSpecUtils.useEndpointParamsInAuthScheme()) {
parameters().forEach((name, model) -> {
if (authSchemeSpecUtils.includeParam(name)) {
b.addField(endpointRulesSpecUtils.parameterClassField(name, model));
Expand Down Expand Up @@ -255,7 +255,7 @@ private void addBuilderFieldsAndSetter(TypeSpec.Builder b) {
b.addMethod(builderSetterMethod("regionSet", TypeName.get(RegionSet.class)));
}

if (authSchemeSpecUtils.generateEndpointBasedParams()) {
if (authSchemeSpecUtils.useEndpointParamsInAuthScheme()) {
parameters().forEach((name, model) -> {
if (authSchemeSpecUtils.includeParam(name)) {
b.addField(endpointRulesSpecUtils.parameterBuilderFieldSpec(name, model));
Expand Down
5 changes: 5 additions & 0 deletions codegen/src/test/java/software/amazon/awssdk/codegen/poet/ClientTestModels.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -341,10 +341,15 @@ public static IntermediateModel opsWithSigv4a() {
File customizationModel =
new File(ClientTestModels.class.getResource("client/c2j/ops-with-auth-sigv4a-value/customization.config")
.getFile());

File endpointRuleSetModel =
new File(ClientTestModels.class.getResource("client/c2j/ops-with-auth-sigv4a-value/endpoint-rule-set.json").getFile());

C2jModels models = C2jModels
.builder()
.serviceModel(getServiceModel(serviceModel))
.customizationConfig(getCustomizationConfig(customizationModel))
.endpointRuleSetModel(getEndpointRuleSet(endpointRuleSetModel))
.build();

return new IntermediateModelBuilder(models).build();
Expand Down
90 changes: 88 additions & 2 deletions ...zon/awssdk/codegen/poet/auth/scheme/ops-auth-sigv4a-value-auth-scheme-default-params.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,21 +5,37 @@
import software.amazon.awssdk.http.auth.aws.signer.RegionSet;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.database.auth.scheme.DatabaseAuthSchemeParams;
import software.amazon.awssdk.services.database.endpoints.DatabaseEndpointProvider;
import software.amazon.awssdk.utils.Validate;

@Generated("software.amazon.awssdk:codegen")
@SdkInternalApi
public final class DefaultDatabaseAuthSchemeParams implements DatabaseAuthSchemeParams {
public final class DefaultDatabaseAuthSchemeParams implements DatabaseAuthSchemeParams, DatabaseEndpointResolverAware {
private final String operation;

private final Region region;

private final RegionSet regionSet;

private final Boolean useDualStackEndpoint;

private final Boolean useFIPSEndpoint;

private final String accountId;

private final String operationContextParam;

private final DatabaseEndpointProvider endpointProvider;

private DefaultDatabaseAuthSchemeParams(Builder builder) {
this.operation = Validate.paramNotNull(builder.operation, "operation");
this.region = builder.region;
this.regionSet = builder.regionSet;
this.useDualStackEndpoint = builder.useDualStackEndpoint;
this.useFIPSEndpoint = builder.useFIPSEndpoint;
this.accountId = builder.accountId;
this.operationContextParam = builder.operationContextParam;
this.endpointProvider = builder.endpointProvider;
}

public static DatabaseAuthSchemeParams.Builder builder() {
Expand All @@ -41,25 +57,65 @@ public RegionSet regionSet() {
return regionSet;
}

@Override
public Boolean useDualStackEndpoint() {
return useDualStackEndpoint;
}

@Override
public Boolean useFipsEndpoint() {
return useFIPSEndpoint;
}

@Override
public String accountId() {
return accountId;
}

@Override
public String operationContextParam() {
return operationContextParam;
}

@Override
public DatabaseEndpointProvider endpointProvider() {
return endpointProvider;
}

@Override
public DatabaseAuthSchemeParams.Builder toBuilder() {
return new Builder(this);
}

private static final class Builder implements DatabaseAuthSchemeParams.Builder {
private static final class Builder implements DatabaseAuthSchemeParams.Builder, DatabaseEndpointResolverAware.Builder {
private String operation;

private Region region;

private RegionSet regionSet;

private Boolean useDualStackEndpoint;

private Boolean useFIPSEndpoint;

private String accountId;

private String operationContextParam;

private DatabaseEndpointProvider endpointProvider;

Builder() {
}

Builder(DefaultDatabaseAuthSchemeParams params) {
this.operation = params.operation;
this.region = params.region;
this.regionSet = params.regionSet;
this.useDualStackEndpoint = params.useDualStackEndpoint;
this.useFIPSEndpoint = params.useFIPSEndpoint;
this.accountId = params.accountId;
this.operationContextParam = params.operationContextParam;
this.endpointProvider = params.endpointProvider;
}

@Override
Expand All @@ -80,6 +136,36 @@ public Builder regionSet(RegionSet regionSet) {
return this;
}

@Override
public Builder useDualStackEndpoint(Boolean useDualStackEndpoint) {
this.useDualStackEndpoint = useDualStackEndpoint;
return this;
}

@Override
public Builder useFipsEndpoint(Boolean useFIPSEndpoint) {
this.useFIPSEndpoint = useFIPSEndpoint;
return this;
}

@Override
public Builder accountId(String accountId) {
this.accountId = accountId;
return this;
}

@Override
public Builder operationContextParam(String operationContextParam) {
this.operationContextParam = operationContextParam;
return this;
}

@Override
public Builder endpointProvider(DatabaseEndpointProvider endpointProvider) {
this.endpointProvider = endpointProvider;
return this;
}

@Override
public DatabaseAuthSchemeParams build() {
return new DefaultDatabaseAuthSchemeParams(this);
Expand Down
Loading
Loading