diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AssembleMiddlewareStack.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AssembleMiddlewareStack.java index e7883056554..bb1ec03d198 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AssembleMiddlewareStack.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AssembleMiddlewareStack.java @@ -63,7 +63,7 @@ public List getClientPlugins() { // Add streaming events payload middleware to operation stack RuntimeClientPlugin.builder() .operationPredicate((model, service, operation) -> { - if (!AwsSignatureVersion4.hasSigV4AuthScheme( + if (!AwsSignatureVersion4.hasSigV4X( model, service, operation)) { return false; } @@ -79,7 +79,7 @@ public List getClientPlugins() { // Add unsigned payload middleware to operation stack RuntimeClientPlugin.builder() .operationPredicate((model, service, operation) -> { - if (!AwsSignatureVersion4.hasSigV4AuthScheme( + if (!AwsSignatureVersion4.hasSigV4X( model, service, operation)) { return false; } @@ -96,7 +96,7 @@ public List getClientPlugins() { // Add signed payload middleware to operation stack RuntimeClientPlugin.builder() .operationPredicate((model, service, operation) -> { - if (!AwsSignatureVersion4.hasSigV4AuthScheme( + if (!AwsSignatureVersion4.hasSigV4X( model, service, operation)) { return false; } @@ -113,7 +113,7 @@ public List getClientPlugins() { // Add content-sha256 payload header middleware to operation stack RuntimeClientPlugin.builder() .operationPredicate((model, service, operation) -> { - if (!AwsSignatureVersion4.hasSigV4AuthScheme( + if (!AwsSignatureVersion4.hasSigV4X( model, service, operation)) { return false; } diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsSignatureVersion4.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsSignatureVersion4.java index 98b006d952a..a2305fbd3f6 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsSignatureVersion4.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsSignatureVersion4.java @@ -17,6 +17,8 @@ import java.util.List; import java.util.Map; + +import software.amazon.smithy.aws.traits.auth.SigV4ATrait; import software.amazon.smithy.aws.traits.auth.SigV4Trait; import software.amazon.smithy.codegen.core.Symbol; import software.amazon.smithy.codegen.core.SymbolProvider; @@ -154,4 +156,10 @@ public static boolean hasSigV4AuthScheme(Model model, ServiceShape service, Oper Map auth = ServiceIndex.of(model).getEffectiveAuthSchemes(service.getId(), operation.getId()); return auth.containsKey(SigV4Trait.ID) && !operation.hasTrait(OptionalAuthTrait.class); } + + public static boolean hasSigV4X(Model model, ServiceShape service, OperationShape operation) { + var auth = ServiceIndex.of(model) + .getEffectiveAuthSchemes(service.getId(), operation.getId()); + return auth.containsKey(SigV4Trait.ID) || auth.containsKey(SigV4ATrait.ID); + } } diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsSignatureVersion4aUtils.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsSignatureVersion4aUtils.java index dc9df6a4d36..fff512cf578 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsSignatureVersion4aUtils.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsSignatureVersion4aUtils.java @@ -16,56 +16,20 @@ package software.amazon.smithy.aws.go.codegen; import software.amazon.smithy.aws.go.codegen.customization.AwsCustomGoDependency; -import software.amazon.smithy.go.codegen.GoDependency; import software.amazon.smithy.go.codegen.GoWriter; import software.amazon.smithy.go.codegen.SmithyGoDependency; import software.amazon.smithy.go.codegen.SymbolUtils; -import software.amazon.smithy.model.Model; import software.amazon.smithy.model.shapes.ServiceShape; /** * Generates Client Configuration, Middleware, and Config Resolvers for AWS Signature Version 4a support. */ public final class AwsSignatureVersion4aUtils { - public static final String RESOLVE_CREDENTIAL_PROVIDER = "resolveCredentialProvider"; - public static final String REGISTER_MIDDLEWARE_FUNCTION = "swapWithCustomHTTPSignerMiddleware"; public static final String V4A_SIGNER_INTERFACE_NAME = "httpSignerV4a"; public static final String SIGNER_OPTION_FIELD_NAME = V4A_SIGNER_INTERFACE_NAME; public static final String NEW_SIGNER_FUNC_NAME = "newDefaultV4aSigner"; public static final String SIGNER_RESOLVER = "resolveHTTPSignerV4a"; - public static void writeCredentialProviderResolver(GoWriter writer) { - writer.pushState(); - writer.putContext("resolverName", RESOLVE_CREDENTIAL_PROVIDER); - writer.putContext("fieldName", AddAwsConfigFields.CREDENTIALS_CONFIG_NAME); - writer.putContext("credType", SymbolUtils.createPointableSymbolBuilder("CredentialsProvider", - AwsCustomGoDependency.INTERNAL_SIGV4A).build()); - writer.putContext("anonType", SymbolUtils.createPointableSymbolBuilder("AnonymousCredentials", - AwsCustomGoDependency.AWS_CORE).build()); - writer.putContext("isProvider", SymbolUtils.createValueSymbolBuilder("IsCredentialsProvider", - AwsCustomGoDependency.AWS_CORE).build()); - writer.putContext("adapType", SymbolUtils.createPointableSymbolBuilder("SymmetricCredentialAdaptor", - AwsCustomGoDependency.INTERNAL_SIGV4A).build()); - writer.write(""" - func $resolverName:L(o *Options) { - if o.$fieldName:L == nil { - return - } - - if _, ok := o.$fieldName:L.($credType:T); ok { - return - } - - if $isProvider:T(o.$fieldName:L, ($anonType:P)(nil)) { - return - } - - o.$fieldName:L = &$adapType:T{SymmetricProvider: o.$fieldName:L} - } - """); - writer.popState(); - } - public static void writerSignerInterface(GoWriter writer) { writer.pushState(); writer.putContext("ifaceName", V4A_SIGNER_INTERFACE_NAME); @@ -106,14 +70,6 @@ public static void writerConfigFieldResolver(GoWriter writer, ServiceShape servi } public static void writeNewV4ASignerFunc(GoWriter writer, ServiceShape serviceShape) { - writeNewV4ASignerFunc(writer, serviceShape, false); - } - - public static void writeNewV4ASignerFunc( - GoWriter writer, - ServiceShape serviceShape, - boolean disableURIPathEscaping - ) { writer.pushState(); writer.putContext("funcName", NEW_SIGNER_FUNC_NAME); writer.putContext("signerType", SymbolUtils.createPointableSymbolBuilder("Signer", @@ -124,49 +80,12 @@ public static void writeNewV4ASignerFunc( AwsCustomGoDependency.INTERNAL_SIGV4A).build()); writer.putContext("loggerField", AddAwsConfigFields.LOGGER_CONFIG_NAME); writer.putContext("modeField", AddAwsConfigFields.LOG_MODE_CONFIG_NAME); - writer.putContext("disableEscape", disableURIPathEscaping); writer.write(""" func $funcName:L(o Options) $signerType:P { return $newSigner:T(func(so $signerOptions:P){ so.Logger = o.$loggerField:L so.LogSigning = o.$modeField:L.IsSigning() - so.DisableURIPathEscaping = $disableEscape:L - }) - } - """); - writer.popState(); - } - - public static void writeMiddlewareRegister( - Model model, - GoWriter writer, - ServiceShape serviceShape, - GoDependency signerMiddleware - ) { - writer.pushState(); - writer.putContext("funcName", REGISTER_MIDDLEWARE_FUNCTION); - writer.putContext("stackType", SymbolUtils.createPointableSymbolBuilder("Stack", - SmithyGoDependency.SMITHY_MIDDLEWARE).build()); - writer.putContext("newMiddleware", SymbolUtils.createValueSymbolBuilder( - "NewSignHTTPRequestMiddleware", signerMiddleware).build()); - writer.putContext("middleOptions", SymbolUtils.createValueSymbolBuilder( - "SignHTTPRequestMiddlewareOptions", signerMiddleware).build()); - writer.putContext("registerMiddleware", SymbolUtils.createValueSymbolBuilder( - "RegisterSigningMiddleware", signerMiddleware).build()); - writer.putContext("credFileName", AddAwsConfigFields.CREDENTIALS_CONFIG_NAME); - writer.putContext("v4Signer", AwsSignatureVersion4.SIGNER_CONFIG_FIELD_NAME); - writer.putContext("v4aSigner", SIGNER_OPTION_FIELD_NAME); - writer.putContext("logMode", AddAwsConfigFields.LOG_MODE_CONFIG_NAME); - writer.write(""" - func $funcName:L(stack $stackType:P, o Options) error { - mw := $newMiddleware:T($middleOptions:T{ - CredentialsProvider: o.$credFileName:L, - V4Signer: o.$v4Signer:L, - V4aSigner: o.$v4aSigner:L, - LogSigning: o.$logMode:L.IsSigning(), }) - - return $registerMiddleware:T(stack, mw) } """); writer.popState(); diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/CloudFrontKVSSigV4a.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/CloudFrontKVSSigV4a.java index 3dae691f957..7a77d938d8f 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/CloudFrontKVSSigV4a.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/CloudFrontKVSSigV4a.java @@ -1,36 +1,39 @@ +/* + * Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + * + * + */ + package software.amazon.smithy.aws.go.codegen.customization; -import java.util.List; -import java.util.ArrayList; -import software.amazon.smithy.aws.go.codegen.AddAwsConfigFields; -import software.amazon.smithy.aws.go.codegen.AwsGoDependency; -import software.amazon.smithy.aws.go.codegen.AwsSignatureVersion4; -import software.amazon.smithy.aws.go.codegen.AwsSignatureVersion4aUtils; import software.amazon.smithy.aws.traits.ServiceTrait; import software.amazon.smithy.aws.traits.auth.SigV4ATrait; import software.amazon.smithy.aws.traits.auth.SigV4Trait; -import software.amazon.smithy.codegen.core.Symbol; -import software.amazon.smithy.codegen.core.SymbolProvider; -import software.amazon.smithy.go.codegen.GoDelegator; import software.amazon.smithy.go.codegen.GoSettings; -import software.amazon.smithy.go.codegen.GoWriter; -import software.amazon.smithy.go.codegen.SmithyGoDependency; -import software.amazon.smithy.go.codegen.SymbolUtils; -import software.amazon.smithy.go.codegen.integration.ConfigField; -import software.amazon.smithy.go.codegen.integration.ConfigFieldResolver; import software.amazon.smithy.go.codegen.integration.GoIntegration; -import software.amazon.smithy.go.codegen.integration.MiddlewareRegistrar; -import software.amazon.smithy.go.codegen.integration.RuntimeClientPlugin; import software.amazon.smithy.model.Model; import software.amazon.smithy.model.shapes.ServiceShape; import software.amazon.smithy.model.traits.AuthTrait; -import software.amazon.smithy.utils.ListUtils; import software.amazon.smithy.utils.SetUtils; /** * This integration configures the CloudFront Key Value Store client for Signature Version 4a */ public class CloudFrontKVSSigV4a implements GoIntegration { + // hardcoded from model so we don't have to extract it from whatever auth trait + private static final String SIGNING_NAME = "cloudfront-keyvaluestore"; + /** * Return true if service is CFKVS. * @@ -43,14 +46,6 @@ private static boolean isCFKVSService(Model model, ServiceShape service) { return serviceId.equalsIgnoreCase("cloudfrontkeyvaluestore"); } - private final List runtimeClientPlugins = new ArrayList<>(); - - - @Override - public List getClientPlugins() { - return runtimeClientPlugins; - } - @Override public Model preprocessModel(Model model, GoSettings settings) { ServiceShape service = settings.getService(model); @@ -58,91 +53,16 @@ public Model preprocessModel(Model model, GoSettings settings) { return model; } - if (settings.getService(model).hasTrait(SigV4ATrait.class)) { - return model; - } - - var v4a = SigV4ATrait.builder() - .name(service.expectTrait(SigV4Trait.class).getName()) - .build(); - + // we MUST preserve the sigv4 trait as released since it affects the exported API + // (signer interface and config field) return model.toBuilder() .addShape( service.toBuilder() - .addTrait(v4a) - // FUTURE: https://github.com/aws/smithy-go/issues/493 - // we are keeping sigv4 at the end of this list (it will never be selected) - // as a stopgap to drive codegen of payload checksum routines + .addTrait(SigV4ATrait.builder().name(SIGNING_NAME).build()) + .addTrait(SigV4Trait.builder().name(SIGNING_NAME).build()) .addTrait(new AuthTrait(SetUtils.of(SigV4ATrait.ID, SigV4Trait.ID))) .build() ) .build(); } - - @Override - public void processFinalizedModel(GoSettings settings, Model model) { - if (!isCFKVSService(model, settings.getService(model))) { - return; - } - runtimeClientPlugins.add( - RuntimeClientPlugin.builder() - .configFields( - ListUtils.of( - ConfigField.builder() - .name(AwsSignatureVersion4aUtils.V4A_SIGNER_INTERFACE_NAME) - .type(SymbolUtils.buildPackageSymbol( - AwsSignatureVersion4aUtils.V4A_SIGNER_INTERFACE_NAME) - ) - .documentation("Signature Version 4a (SigV4a) Signer") - .build() - ) - ) - .build()); - runtimeClientPlugins.add( - RuntimeClientPlugin.builder() - .servicePredicate(CloudFrontKVSSigV4a::isCFKVSService) - .addConfigFieldResolver( - ConfigFieldResolver.builder() - .location(ConfigFieldResolver.Location.CLIENT) - .target(ConfigFieldResolver.Target.INITIALIZATION) - .resolver(SymbolUtils.createValueSymbolBuilder( - AwsSignatureVersion4aUtils.SIGNER_RESOLVER).build()) - .build()) - .build()); - } - - @Override - public void writeAdditionalFiles( - GoSettings settings, - Model model, - SymbolProvider symbolProvider, - GoDelegator goDelegator - ) { - - if (!isCFKVSService(model, model.expectShape(settings.getService(), ServiceShape.class))) { - return; - } - - ServiceShape serviceShape = settings.getService(model); - goDelegator.useShapeWriter(serviceShape, writer -> { - writerSignerInterface(writer); - writerConfigFieldResolver(writer, serviceShape); - writeNewV4ASignerFunc(writer, serviceShape); - }); - - } - - - private void writerSignerInterface(GoWriter writer) { - AwsSignatureVersion4aUtils.writerSignerInterface(writer); - } - - private void writeNewV4ASignerFunc(GoWriter writer, ServiceShape serviceShape) { - AwsSignatureVersion4aUtils.writeNewV4ASignerFunc(writer, serviceShape); - } - - private void writerConfigFieldResolver(GoWriter writer, ServiceShape serviceShape) { - AwsSignatureVersion4aUtils.writerConfigFieldResolver(writer, serviceShape); - } - } diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/EventBridgeMultiRegionEndpoint.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/EventBridgeMultiRegionEndpoint.java index 5192652b525..9b17fe76d84 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/EventBridgeMultiRegionEndpoint.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/EventBridgeMultiRegionEndpoint.java @@ -3,40 +3,29 @@ import java.util.ArrayList; import java.util.List; import java.util.Map; -import java.util.stream.Collectors; -import software.amazon.smithy.aws.go.codegen.AddAwsConfigFields; import software.amazon.smithy.aws.go.codegen.AwsEndpointGenerator; -import software.amazon.smithy.aws.go.codegen.AwsSignatureVersion4; -import software.amazon.smithy.aws.go.codegen.AwsSignatureVersion4aUtils; -import software.amazon.smithy.aws.go.codegen.EndpointGenerator; import software.amazon.smithy.aws.traits.ServiceTrait; import software.amazon.smithy.codegen.core.CodegenException; -import software.amazon.smithy.codegen.core.Symbol; import software.amazon.smithy.codegen.core.SymbolProvider; import software.amazon.smithy.go.codegen.GoDelegator; import software.amazon.smithy.go.codegen.GoSettings; import software.amazon.smithy.go.codegen.GoWriter; import software.amazon.smithy.go.codegen.SmithyGoDependency; import software.amazon.smithy.go.codegen.SymbolUtils; -import software.amazon.smithy.go.codegen.integration.ConfigField; -import software.amazon.smithy.go.codegen.integration.ConfigFieldResolver; import software.amazon.smithy.go.codegen.integration.GoIntegration; import software.amazon.smithy.go.codegen.integration.MiddlewareRegistrar; import software.amazon.smithy.go.codegen.integration.RuntimeClientPlugin; import software.amazon.smithy.model.Model; import software.amazon.smithy.model.knowledge.OperationIndex; import software.amazon.smithy.model.knowledge.TopDownIndex; -import software.amazon.smithy.model.shapes.MemberShape; import software.amazon.smithy.model.shapes.OperationShape; import software.amazon.smithy.model.shapes.ServiceShape; import software.amazon.smithy.model.shapes.ShapeId; import software.amazon.smithy.model.shapes.ShapeType; -import software.amazon.smithy.model.shapes.StructureShape; -import software.amazon.smithy.utils.ListUtils; import software.amazon.smithy.utils.MapUtils; /** - * This integration configures the EventBridge client for Signature Version 4a + * This integration configures legacy (pre-EndpointResolverV2) endpoint customizations for EventBridge. */ public class EventBridgeMultiRegionEndpoint implements GoIntegration { private static Map SUPPORTED_OPERATIONS = MapUtils.of( @@ -56,9 +45,6 @@ private static boolean isEventBridgeService(Model model, ServiceShape service) { @Override public List getClientPlugins() { - var resolver = SymbolUtils.createValueSymbolBuilder( - AwsSignatureVersion4aUtils.RESOLVE_CREDENTIAL_PROVIDER).build(); - List plugins = new ArrayList<>(); for (var operationId : SUPPORTED_OPERATIONS.keySet()) { @@ -78,46 +64,6 @@ public List getClientPlugins() { .build()); } - plugins.addAll(ListUtils.of(RuntimeClientPlugin.builder() - .addConfigFieldResolver(ConfigFieldResolver.builder() - .location(ConfigFieldResolver.Location.CLIENT) - .target(ConfigFieldResolver.Target.FINALIZATION) - .resolver(resolver) - .build()) - .addConfigFieldResolver(ConfigFieldResolver.builder() - .location(ConfigFieldResolver.Location.OPERATION) - .target(ConfigFieldResolver.Target.FINALIZATION) - .resolver(resolver) - .build()) - .servicePredicate((model, serviceShape) -> { - if (!EventBridgeMultiRegionEndpoint.isEventBridgeService(model, serviceShape)) { - return false; - } - return AwsSignatureVersion4.isSupportedAuthentication(model, serviceShape); - }) - .build(), - RuntimeClientPlugin.builder() - .servicePredicate(EventBridgeMultiRegionEndpoint::isEventBridgeService) - .addConfigField(ConfigField.builder() - .name(AwsSignatureVersion4aUtils.V4A_SIGNER_INTERFACE_NAME) - .type(SymbolUtils.createValueSymbolBuilder( - AwsSignatureVersion4aUtils.V4A_SIGNER_INTERFACE_NAME) - .build()) - .documentation("Signature Version 4a (SigV4a) Signer") - .build()) - .build(), - RuntimeClientPlugin.builder() - .servicePredicate(EventBridgeMultiRegionEndpoint::isEventBridgeService) - .addConfigFieldResolver( - ConfigFieldResolver.builder() - .location(ConfigFieldResolver.Location.CLIENT) - .target(ConfigFieldResolver.Target.INITIALIZATION) - .resolver(SymbolUtils.createValueSymbolBuilder( - AwsSignatureVersion4aUtils.SIGNER_RESOLVER).build()) - .build()) - .build() - )); - return plugins; } @@ -137,14 +83,6 @@ public void writeAdditionalFiles( } var serviceShape = settings.getService(model); - goDelegator.useShapeWriter(serviceShape, writer -> { - writeCredentialProviderResolver(writer); - writeSigningMiddlewareRegister(model, writer, serviceShape); - writerSignerInterface(writer); - writerSignerConfigFieldResolver(writer, serviceShape); - writeNewV4ASignerFunc(writer, serviceShape); - }); - for (var operationShape : TopDownIndex.of(model).getContainedOperations(serviceShape)) { if (!SUPPORTED_OPERATIONS.containsKey(operationShape.toShapeId())) { continue; @@ -156,27 +94,6 @@ public void writeAdditionalFiles( } } - private void writeCredentialProviderResolver(GoWriter writer) { - AwsSignatureVersion4aUtils.writeCredentialProviderResolver(writer); - } - - private void writerSignerInterface(GoWriter writer) { - AwsSignatureVersion4aUtils.writerSignerInterface(writer); - } - - private void writerSignerConfigFieldResolver(GoWriter writer, ServiceShape serviceShape) { - AwsSignatureVersion4aUtils.writerConfigFieldResolver(writer, serviceShape); - } - - private void writeNewV4ASignerFunc(GoWriter writer, ServiceShape serviceShape) { - AwsSignatureVersion4aUtils.writeNewV4ASignerFunc(writer, serviceShape); - } - - private void writeSigningMiddlewareRegister(Model model, GoWriter writer, ServiceShape serviceShape) { - AwsSignatureVersion4aUtils.writeMiddlewareRegister(model, writer, serviceShape, - AwsCustomGoDependency.EVENTBRIDGE_CUSTOMIZATION); - } - // retrieves function name for get bucket accessor function private String getEndpointIdAccessorName(String operationName, String memberName) { return String.format("get%s%s", operationName, memberName); diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/S3SignatureVersion4a.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/S3SignatureVersion4a.java deleted file mode 100644 index 0dc3e1d6495..00000000000 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/S3SignatureVersion4a.java +++ /dev/null @@ -1,122 +0,0 @@ -package software.amazon.smithy.aws.go.codegen.customization; - -import java.util.List; -import software.amazon.smithy.aws.go.codegen.AddAwsConfigFields; -import software.amazon.smithy.aws.go.codegen.AwsGoDependency; -import software.amazon.smithy.aws.go.codegen.AwsSignatureVersion4; -import software.amazon.smithy.aws.go.codegen.AwsSignatureVersion4aUtils; -import software.amazon.smithy.aws.traits.ServiceTrait; -import software.amazon.smithy.codegen.core.Symbol; -import software.amazon.smithy.codegen.core.SymbolProvider; -import software.amazon.smithy.go.codegen.GoDelegator; -import software.amazon.smithy.go.codegen.GoSettings; -import software.amazon.smithy.go.codegen.GoWriter; -import software.amazon.smithy.go.codegen.SmithyGoDependency; -import software.amazon.smithy.go.codegen.SymbolUtils; -import software.amazon.smithy.go.codegen.integration.ConfigField; -import software.amazon.smithy.go.codegen.integration.ConfigFieldResolver; -import software.amazon.smithy.go.codegen.integration.GoIntegration; -import software.amazon.smithy.go.codegen.integration.MiddlewareRegistrar; -import software.amazon.smithy.go.codegen.integration.RuntimeClientPlugin; -import software.amazon.smithy.model.Model; -import software.amazon.smithy.model.shapes.ServiceShape; -import software.amazon.smithy.utils.ListUtils; - -/** - * This integration configures the S3 client for Signature Version 4a - */ -public class S3SignatureVersion4a implements GoIntegration { - /** - * Return true if service is Amazon S3. - * - * @param model is the generation model. - * @param service is the service shape being audited. - */ - private static boolean isS3Service(Model model, ServiceShape service) { - String serviceId = service.expectTrait(ServiceTrait.class).getSdkId(); - return serviceId.equalsIgnoreCase("S3"); - } - - private static final List DISABLE_URI_PATH_ESCAPE = ListUtils.of("com.amazonaws.s3#AmazonS3"); - - @Override - public List getClientPlugins() { - Symbol resolver = SymbolUtils.createValueSymbolBuilder(AwsSignatureVersion4aUtils.RESOLVE_CREDENTIAL_PROVIDER) - .build(); - - return ListUtils.of(RuntimeClientPlugin.builder() - .addConfigFieldResolver(ConfigFieldResolver.builder() - .location(ConfigFieldResolver.Location.CLIENT) - .target(ConfigFieldResolver.Target.FINALIZATION) - .resolver(resolver) - .build()) - .addConfigFieldResolver(ConfigFieldResolver.builder() - .location(ConfigFieldResolver.Location.OPERATION) - .target(ConfigFieldResolver.Target.FINALIZATION) - .resolver(resolver) - .build()) - .servicePredicate((model, serviceShape) -> { - if (!S3SignatureVersion4a.isS3Service(model, serviceShape)) { - return false; - } - return AwsSignatureVersion4.isSupportedAuthentication(model, serviceShape); - }) - .build(), - RuntimeClientPlugin.builder() - .servicePredicate(S3SignatureVersion4a::isS3Service) - .addConfigFieldResolver( - ConfigFieldResolver.builder() - .location(ConfigFieldResolver.Location.CLIENT) - .target(ConfigFieldResolver.Target.INITIALIZATION) - .resolver(SymbolUtils.createValueSymbolBuilder( - AwsSignatureVersion4aUtils.SIGNER_RESOLVER).build()) - .build()) - .build() - ); - } - - @Override - public void writeAdditionalFiles( - GoSettings settings, - Model model, - SymbolProvider symbolProvider, - GoDelegator goDelegator - ) { - - if (!isS3Service(model, model.expectShape(settings.getService(), ServiceShape.class))) { - return; - } - - ServiceShape serviceShape = settings.getService(model); - goDelegator.useShapeWriter(serviceShape, writer -> { - writeCredentialProviderResolver(writer); - writeMiddlewareRegister(model, writer, serviceShape); - writerSignerInterface(writer); - writerConfigFieldResolver(writer, serviceShape); - writeNewV4ASignerFunc(writer, serviceShape); - }); - - } - - private void writeCredentialProviderResolver(GoWriter writer) { - AwsSignatureVersion4aUtils.writeCredentialProviderResolver(writer); - } - - private void writerSignerInterface(GoWriter writer) { - AwsSignatureVersion4aUtils.writerSignerInterface(writer); - } - - private void writerConfigFieldResolver(GoWriter writer, ServiceShape serviceShape) { - AwsSignatureVersion4aUtils.writerConfigFieldResolver(writer, serviceShape); - } - - private void writeNewV4ASignerFunc(GoWriter writer, ServiceShape serviceShape) { - AwsSignatureVersion4aUtils.writeNewV4ASignerFunc(writer, serviceShape, - DISABLE_URI_PATH_ESCAPE.contains(serviceShape.getId().toString())); - } - - private void writeMiddlewareRegister(Model model, GoWriter writer, ServiceShape serviceShape) { - AwsSignatureVersion4aUtils.writeMiddlewareRegister(model, writer, serviceShape, - AwsCustomGoDependency.S3_CUSTOMIZATION); - } -} diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/S3UpdateEndpoint.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/S3UpdateEndpoint.java index 7ab56d82998..ca49768f107 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/S3UpdateEndpoint.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/S3UpdateEndpoint.java @@ -22,7 +22,6 @@ import java.util.Set; import java.util.TreeSet; import java.util.stream.Collectors; -import software.amazon.smithy.aws.go.codegen.AwsSignatureVersion4aUtils; import software.amazon.smithy.codegen.core.CodegenException; import software.amazon.smithy.codegen.core.Symbol; import software.amazon.smithy.codegen.core.SymbolProvider; @@ -48,8 +47,7 @@ import static software.amazon.smithy.go.codegen.SymbolUtils.buildPackageSymbol; /** - * S3UpdateEndpoint integration serves to apply customizations for S3 service, - * and modifies the resolved endpoint based on S3 client config or input shape values. + * S3UpdateEndpoint integration applies legacy (pre-EndpointResolverV2) endpoint customizations for the S3 service. */ public class S3UpdateEndpoint implements GoIntegration { // Middleware name @@ -259,13 +257,6 @@ private static List getClientPlugins() { .putProperty(SymbolUtils.GO_UNIVERSE_TYPE, true) .build()) .documentation("Allows you to disable S3 Multi-Region access points feature.") - .build(), - ConfigField.builder() - .name(AwsSignatureVersion4aUtils.V4A_SIGNER_INTERFACE_NAME) - .type(SymbolUtils.createValueSymbolBuilder( - AwsSignatureVersion4aUtils.V4A_SIGNER_INTERFACE_NAME) - .build()) - .documentation("Signature Version 4a (SigV4a) Signer") .build() )) .build() diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/AwsSigV4aAuthScheme.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/AwsSigV4aAuthScheme.java index f1f903b31c5..1b7861adb7f 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/AwsSigV4aAuthScheme.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/AwsSigV4aAuthScheme.java @@ -15,6 +15,7 @@ package software.amazon.smithy.aws.go.codegen.customization.auth; +import software.amazon.smithy.aws.go.codegen.AwsSignatureVersion4aUtils; import software.amazon.smithy.aws.go.codegen.SdkGoTypes; import software.amazon.smithy.aws.traits.auth.SigV4ATrait; import software.amazon.smithy.codegen.core.SymbolProvider; @@ -23,10 +24,13 @@ import software.amazon.smithy.go.codegen.GoStdlibTypes; import software.amazon.smithy.go.codegen.GoWriter; import software.amazon.smithy.go.codegen.SmithyGoTypes; +import software.amazon.smithy.go.codegen.integration.ConfigField; +import software.amazon.smithy.go.codegen.integration.ConfigFieldResolver; import software.amazon.smithy.go.codegen.integration.GoIntegration; import software.amazon.smithy.go.codegen.integration.RuntimeClientPlugin; import software.amazon.smithy.go.codegen.integration.auth.SigV4ADefinition; import software.amazon.smithy.model.Model; +import software.amazon.smithy.model.shapes.ServiceShape; import software.amazon.smithy.utils.ListUtils; import software.amazon.smithy.utils.MapUtils; @@ -34,16 +38,36 @@ import static software.amazon.smithy.go.codegen.GoStackStepMiddlewareGenerator.generateFinalizeMiddlewareFunc; import static software.amazon.smithy.go.codegen.GoWriter.goTemplate; +import static software.amazon.smithy.go.codegen.SymbolUtils.buildPackageSymbol; /** * Adds auth scheme codegen support for aws.auth#sigv4a. */ public class AwsSigV4aAuthScheme implements GoIntegration { + private static final ConfigField Signer = ConfigField.builder() + .name(AwsSignatureVersion4aUtils.V4A_SIGNER_INTERFACE_NAME) + .type(buildPackageSymbol(AwsSignatureVersion4aUtils.V4A_SIGNER_INTERFACE_NAME)) + .documentation("Signature Version 4a (SigV4a) Signer") + .build(); + + private static final ConfigFieldResolver SignerResolver = ConfigFieldResolver.builder() + .location(ConfigFieldResolver.Location.CLIENT) + .target(ConfigFieldResolver.Target.INITIALIZATION) + .resolver(buildPackageSymbol(AwsSignatureVersion4aUtils.SIGNER_RESOLVER)) + .build(); + + private static boolean isSigV4A(Model model, ServiceShape service) { + return service.hasTrait(SigV4ATrait.class); + } + @Override public List getClientPlugins() { return ListUtils.of( RuntimeClientPlugin.builder() + .servicePredicate(AwsSigV4aAuthScheme::isSigV4A) .addAuthSchemeDefinition(SigV4ATrait.ID, new AwsSigV4A()) + .addConfigField(Signer) + .addConfigFieldResolver(SignerResolver) .build() ); } @@ -52,9 +76,17 @@ public List getClientPlugins() { public void writeAdditionalFiles( GoSettings settings, Model model, SymbolProvider symbolProvider, GoDelegator goDelegator ) { - if (settings.getService(model).hasTrait(SigV4ATrait.class)) { - goDelegator.useFileWriter("options.go", settings.getModuleName(), generateAdditionalSource()); + var service = settings.getService(model); + if (!isSigV4A(model, service)) { + return; } + + goDelegator.useFileWriter("options.go", settings.getModuleName(), generateAdditionalSource()); + goDelegator.useShapeWriter(service, writer -> { + AwsSignatureVersion4aUtils.writerSignerInterface(writer); + AwsSignatureVersion4aUtils.writerConfigFieldResolver(writer, service); + AwsSignatureVersion4aUtils.writeNewV4ASignerFunc(writer, service); + }); } public static class AwsSigV4A extends SigV4ADefinition { diff --git a/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration b/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration index 335d5506776..d0bce9309a3 100644 --- a/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration +++ b/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration @@ -40,7 +40,6 @@ software.amazon.smithy.aws.go.codegen.customization.S3PaginationExtensions software.amazon.smithy.aws.go.codegen.AwsHttpPresignURLClientGenerator software.amazon.smithy.aws.go.codegen.ResolveClientConfigFromSources software.amazon.smithy.aws.go.codegen.customization.S3GetBucketLocation -software.amazon.smithy.aws.go.codegen.customization.S3SignatureVersion4a software.amazon.smithy.aws.go.codegen.RequestResponseLogging software.amazon.smithy.aws.go.codegen.customization.S3AddPutObjectUnseekableBodyDoc software.amazon.smithy.aws.go.codegen.customization.BackfillEc2UnboxedToBoxedShapes diff --git a/service/cloudfrontkeyvaluestore/api_client.go b/service/cloudfrontkeyvaluestore/api_client.go index dabe9e7a163..75335d0829f 100644 --- a/service/cloudfrontkeyvaluestore/api_client.go +++ b/service/cloudfrontkeyvaluestore/api_client.go @@ -454,7 +454,6 @@ func newDefaultV4aSigner(o Options) *v4a.Signer { return v4a.NewSigner(func(so *v4a.SignerOptions) { so.Logger = o.Logger so.LogSigning = o.ClientLogMode.IsSigning() - so.DisableURIPathEscaping = false }) } diff --git a/service/eventbridge/api_client.go b/service/eventbridge/api_client.go index b5da74926ff..b7182bd1f87 100644 --- a/service/eventbridge/api_client.go +++ b/service/eventbridge/api_client.go @@ -15,7 +15,6 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/v4a" - ebcust "github.com/aws/aws-sdk-go-v2/service/eventbridge/internal/customizations" smithy "github.com/aws/smithy-go" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" @@ -50,10 +49,10 @@ func New(options Options, optFns ...func(*Options)) *Client { resolveHTTPSignerV4(&options) - resolveHTTPSignerV4a(&options) - resolveEndpointResolverV2(&options) + resolveHTTPSignerV4a(&options) + resolveAuthSchemeResolver(&options) for _, fn := range optFns { @@ -62,8 +61,6 @@ func New(options Options, optFns ...func(*Options)) *Client { finalizeRetryMaxAttempts(&options) - resolveCredentialProvider(&options) - ignoreAnonymousAuth(&options) finalizeServiceEndpointAuthResolver(&options) @@ -99,8 +96,6 @@ func (c *Client) invokeOperation(ctx context.Context, opID string, params interf finalizeClientEndpointResolverOptions(&options) - resolveCredentialProvider(&options) - finalizeOperationEndpointAuthResolver(&options) for _, fn := range stackFns { @@ -413,54 +408,6 @@ func addRetryMiddlewares(stack *middleware.Stack, o Options) error { return retry.AddRetryMiddlewares(stack, mo) } -func resolveCredentialProvider(o *Options) { - if o.Credentials == nil { - return - } - - if _, ok := o.Credentials.(v4a.CredentialsProvider); ok { - return - } - - if aws.IsCredentialsProvider(o.Credentials, (*aws.AnonymousCredentials)(nil)) { - return - } - - o.Credentials = &v4a.SymmetricCredentialAdaptor{SymmetricProvider: o.Credentials} -} - -func swapWithCustomHTTPSignerMiddleware(stack *middleware.Stack, o Options) error { - mw := ebcust.NewSignHTTPRequestMiddleware(ebcust.SignHTTPRequestMiddlewareOptions{ - CredentialsProvider: o.Credentials, - V4Signer: o.HTTPSignerV4, - V4aSigner: o.httpSignerV4a, - LogSigning: o.ClientLogMode.IsSigning(), - }) - - return ebcust.RegisterSigningMiddleware(stack, mw) -} - -type httpSignerV4a interface { - SignHTTP(ctx context.Context, credentials v4a.Credentials, r *http.Request, payloadHash, - service string, regionSet []string, signingTime time.Time, - optFns ...func(*v4a.SignerOptions)) error -} - -func resolveHTTPSignerV4a(o *Options) { - if o.httpSignerV4a != nil { - return - } - o.httpSignerV4a = newDefaultV4aSigner(*o) -} - -func newDefaultV4aSigner(o Options) *v4a.Signer { - return v4a.NewSigner(func(so *v4a.SignerOptions) { - so.Logger = o.Logger - so.LogSigning = o.ClientLogMode.IsSigning() - so.DisableURIPathEscaping = false - }) -} - // resolves dual-stack endpoint configuration func resolveUseDualStackEndpoint(cfg aws.Config, o *Options) error { if len(cfg.ConfigSources) == 0 { @@ -491,6 +438,26 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +type httpSignerV4a interface { + SignHTTP(ctx context.Context, credentials v4a.Credentials, r *http.Request, payloadHash, + service string, regionSet []string, signingTime time.Time, + optFns ...func(*v4a.SignerOptions)) error +} + +func resolveHTTPSignerV4a(o *Options) { + if o.httpSignerV4a != nil { + return + } + o.httpSignerV4a = newDefaultV4aSigner(*o) +} + +func newDefaultV4aSigner(o Options) *v4a.Signer { + return v4a.NewSigner(func(so *v4a.SignerOptions) { + so.Logger = o.Logger + so.LogSigning = o.ClientLogMode.IsSigning() + }) +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/s3/api_client.go b/service/s3/api_client.go index 5e5f27b2d72..db35814d356 100644 --- a/service/s3/api_client.go +++ b/service/s3/api_client.go @@ -56,10 +56,10 @@ func New(options Options, optFns ...func(*Options)) *Client { resolveHTTPSignerV4(&options) - resolveHTTPSignerV4a(&options) - resolveEndpointResolverV2(&options) + resolveHTTPSignerV4a(&options) + resolveAuthSchemeResolver(&options) for _, fn := range optFns { @@ -68,8 +68,6 @@ func New(options Options, optFns ...func(*Options)) *Client { finalizeRetryMaxAttempts(&options) - resolveCredentialProvider(&options) - ignoreAnonymousAuth(&options) resolveExpressCredentials(&options) @@ -111,8 +109,6 @@ func (c *Client) invokeOperation(ctx context.Context, opID string, params interf finalizeClientEndpointResolverOptions(&options) - resolveCredentialProvider(&options) - finalizeOperationExpressCredentials(&options, *c) finalizeOperationEndpointAuthResolver(&options) @@ -496,33 +492,6 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } -func resolveCredentialProvider(o *Options) { - if o.Credentials == nil { - return - } - - if _, ok := o.Credentials.(v4a.CredentialsProvider); ok { - return - } - - if aws.IsCredentialsProvider(o.Credentials, (*aws.AnonymousCredentials)(nil)) { - return - } - - o.Credentials = &v4a.SymmetricCredentialAdaptor{SymmetricProvider: o.Credentials} -} - -func swapWithCustomHTTPSignerMiddleware(stack *middleware.Stack, o Options) error { - mw := s3cust.NewSignHTTPRequestMiddleware(s3cust.SignHTTPRequestMiddlewareOptions{ - CredentialsProvider: o.Credentials, - V4Signer: o.HTTPSignerV4, - V4aSigner: o.httpSignerV4a, - LogSigning: o.ClientLogMode.IsSigning(), - }) - - return s3cust.RegisterSigningMiddleware(stack, mw) -} - type httpSignerV4a interface { SignHTTP(ctx context.Context, credentials v4a.Credentials, r *http.Request, payloadHash, service string, regionSet []string, signingTime time.Time, @@ -540,7 +509,6 @@ func newDefaultV4aSigner(o Options) *v4a.Signer { return v4a.NewSigner(func(so *v4a.SignerOptions) { so.Logger = o.Logger so.LogSigning = o.ClientLogMode.IsSigning() - so.DisableURIPathEscaping = true }) } diff --git a/service/s3/internal/customizations/signer_wrapper.go b/service/s3/internal/customizations/signer_wrapper.go index cc2bf9c1313..756823cb758 100644 --- a/service/s3/internal/customizations/signer_wrapper.go +++ b/service/s3/internal/customizations/signer_wrapper.go @@ -182,15 +182,12 @@ func (p *PresignHTTPRequestMiddleware) HandleFinalize( switch signerVersion { case "aws.auth#sigv4a": - v4aCredentialProvider, ok := p.credentialsProvider.(v4a.CredentialsProvider) - if !ok { - return out, metadata, fmt.Errorf("invalid credential-provider provided for sigV4a Signer") - } - mw := v4a.NewPresignHTTPRequestMiddleware(v4a.PresignHTTPRequestMiddlewareOptions{ - CredentialsProvider: v4aCredentialProvider, - Presigner: p.v4aSigner, - LogSigning: p.logSigning, + CredentialsProvider: &v4a.SymmetricCredentialAdaptor{ + SymmetricProvider: p.credentialsProvider, + }, + Presigner: p.v4aSigner, + LogSigning: p.logSigning, }) return mw.HandleFinalize(ctx, in, next) case "aws.auth#sigv4":