From 58862efc6826995300f98e25d6d99b8bed645acd Mon Sep 17 00:00:00 2001 From: Allan Zheng Date: Fri, 7 May 2021 13:27:14 -0700 Subject: [PATCH 1/3] fix(client-sts): add sts fix to template --- clients/client-sts/defaultRoleAssumers.ts | 2 ++ clients/client-sts/defaultStsRoleAssumers.ts | 2 ++ .../typescript/codegen/sts-client-defaultRoleAssumers.ts | 2 ++ .../codegen/sts-client-defaultStsRoleAssumers.ts | 7 ++++++- 4 files changed, 12 insertions(+), 1 deletion(-) diff --git a/clients/client-sts/defaultRoleAssumers.ts b/clients/client-sts/defaultRoleAssumers.ts index 76ab95049e91..c2da0112a630 100644 --- a/clients/client-sts/defaultRoleAssumers.ts +++ b/clients/client-sts/defaultRoleAssumers.ts @@ -1,3 +1,5 @@ +// Please do not touch this file. It's generated from template: +// https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.ts import { DefaultCredentialProvider, getDefaultRoleAssumer as StsGetDefaultRoleAssumer, diff --git a/clients/client-sts/defaultStsRoleAssumers.ts b/clients/client-sts/defaultStsRoleAssumers.ts index 638ef7a9d9b7..0c0a66db761f 100644 --- a/clients/client-sts/defaultStsRoleAssumers.ts +++ b/clients/client-sts/defaultStsRoleAssumers.ts @@ -1,3 +1,5 @@ +// Please do not touch this file. It's generated from template: +// https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts import { Credentials, Provider } from "@aws-sdk/types"; import { AssumeRoleCommand, AssumeRoleCommandInput } from "./commands/AssumeRoleCommand"; diff --git a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.ts b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.ts index 76ab95049e91..c2da0112a630 100644 --- a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.ts +++ b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.ts @@ -1,3 +1,5 @@ +// Please do not touch this file. It's generated from template: +// https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.ts import { DefaultCredentialProvider, getDefaultRoleAssumer as StsGetDefaultRoleAssumer, diff --git a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts index a29b41b6cd0b..0c0a66db761f 100644 --- a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts +++ b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts @@ -1,3 +1,5 @@ +// Please do not touch this file. It's generated from template: +// https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts import { Credentials, Provider } from "@aws-sdk/types"; import { AssumeRoleCommand, AssumeRoleCommandInput } from "./commands/AssumeRoleCommand"; @@ -39,12 +41,15 @@ export const getDefaultRoleAssumer = ( stsClientCtor: new (options: STSClientConfig) => STSClient ): RoleAssumer => { let stsClient: STSClient; + let closureSourceCreds: Credentials; return async (sourceCreds, params) => { + closureSourceCreds = sourceCreds; if (!stsClient) { const { logger, region } = stsOptions; stsClient = new stsClientCtor({ logger, - credentials: sourceCreds, + // A hack to make sts client uses the credential in current closure. + credentialDefaultProvider: () => async () => closureSourceCreds, region: decorateDefaultRegion(region), }); } From 05d3c836de9a878752ab60ed765c9da6e56002e1 Mon Sep 17 00:00:00 2001 From: Allan Zheng Date: Fri, 7 May 2021 18:00:33 -0700 Subject: [PATCH 2/3] fix: generate no-touch notice in codegen --- .../client-sts/defaultRoleAssumers.spec.ts | 2 + clients/client-sts/defaultRoleAssumers.ts | 2 +- clients/client-sts/defaultStsRoleAssumers.ts | 2 +- .../typescript/codegen/AddAwsAuthPlugin.java | 21 +++++-- .../sts-client-defaultRoleAssumers.spec.ts | 62 +++++++++++++++++++ .../codegen/sts-client-defaultRoleAssumers.ts | 2 - .../sts-client-defaultStsRoleAssumers.ts | 2 - scripts/generate-clients/copy-to-clients.js | 2 +- 8 files changed, 84 insertions(+), 11 deletions(-) create mode 100644 codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.spec.ts diff --git a/clients/client-sts/defaultRoleAssumers.spec.ts b/clients/client-sts/defaultRoleAssumers.spec.ts index 328e465283cc..fc047d2ffdb9 100644 --- a/clients/client-sts/defaultRoleAssumers.spec.ts +++ b/clients/client-sts/defaultRoleAssumers.spec.ts @@ -1,3 +1,5 @@ +// Please do not touch this file. It's generated from template in: +// https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.spec.ts import { HttpResponse } from "@aws-sdk/protocol-http"; import { Readable } from "stream"; const assumeRoleResponse = ` diff --git a/clients/client-sts/defaultRoleAssumers.ts b/clients/client-sts/defaultRoleAssumers.ts index c2da0112a630..bc5ddc83eeb0 100644 --- a/clients/client-sts/defaultRoleAssumers.ts +++ b/clients/client-sts/defaultRoleAssumers.ts @@ -1,4 +1,4 @@ -// Please do not touch this file. It's generated from template: +// Please do not touch this file. It's generated from template in: // https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.ts import { DefaultCredentialProvider, diff --git a/clients/client-sts/defaultStsRoleAssumers.ts b/clients/client-sts/defaultStsRoleAssumers.ts index 0c0a66db761f..ef2210a61f88 100644 --- a/clients/client-sts/defaultStsRoleAssumers.ts +++ b/clients/client-sts/defaultStsRoleAssumers.ts @@ -1,4 +1,4 @@ -// Please do not touch this file. It's generated from template: +// Please do not touch this file. It's generated from template in: // https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts import { Credentials, Provider } from "@aws-sdk/types"; diff --git a/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/AddAwsAuthPlugin.java b/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/AddAwsAuthPlugin.java index 38f995444a81..5fc596a7fe96 100644 --- a/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/AddAwsAuthPlugin.java +++ b/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/AddAwsAuthPlugin.java @@ -19,6 +19,7 @@ import static software.amazon.smithy.typescript.codegen.integration.RuntimeClientPlugin.Convention.HAS_CONFIG; import static software.amazon.smithy.typescript.codegen.integration.RuntimeClientPlugin.Convention.HAS_MIDDLEWARE; +import java.io.File; import java.util.Collections; import java.util.List; import java.util.Map; @@ -53,6 +54,7 @@ public final class AddAwsAuthPlugin implements TypeScriptIntegration { static final String STS_CLIENT_PREFIX = "sts-client-"; static final String ROLE_ASSUMERS_FILE = "defaultRoleAssumers"; + static final String ROLE_ASSUMERS_TEST_FILE = "defaultRoleAssumers.spec"; static final String STS_ROLE_ASSUMERS_FILE = "defaultStsRoleAssumers"; @Override @@ -155,14 +157,25 @@ public void writeAdditionalFiles( if (!testServiceId(service, "STS")) { return; } + String noTouchNoticePrefix = "// Please do not touch this file. It's generated from template in:\n" + + "// https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/" + + "src/main/resources/software/amazon/smithy/aws/typescript/codegen/"; writerFactory.accept("defaultRoleAssumers.ts", writer -> { - String source = IoUtils.readUtf8Resource(getClass(), - String.format("%s%s.ts", STS_CLIENT_PREFIX, ROLE_ASSUMERS_FILE)); + String resourceName = String.format("%s%s.ts", STS_CLIENT_PREFIX, ROLE_ASSUMERS_FILE); + String source = IoUtils.readUtf8Resource(getClass(), resourceName); + writer.write("$L$L", noTouchNoticePrefix, resourceName); writer.write("$L", source); }); writerFactory.accept("defaultStsRoleAssumers.ts", writer -> { - String source = IoUtils.readUtf8Resource(getClass(), - String.format("%s%s.ts", STS_CLIENT_PREFIX, STS_ROLE_ASSUMERS_FILE)); + String resourceName = String.format("%s%s.ts", STS_CLIENT_PREFIX, STS_ROLE_ASSUMERS_FILE); + String source = IoUtils.readUtf8Resource(getClass(), resourceName); + writer.write("$L$L", noTouchNoticePrefix, resourceName); + writer.write("$L", source); + }); + writerFactory.accept("defaultRoleAssumers.spec.ts", writer -> { + String resourceName = String.format("%s%s.ts", STS_CLIENT_PREFIX, ROLE_ASSUMERS_TEST_FILE); + String source = IoUtils.readUtf8Resource(getClass(), resourceName); + writer.write("$L$L", noTouchNoticePrefix, resourceName); writer.write("$L", source); }); } diff --git a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.spec.ts b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.spec.ts new file mode 100644 index 000000000000..328e465283cc --- /dev/null +++ b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.spec.ts @@ -0,0 +1,62 @@ +import { HttpResponse } from "@aws-sdk/protocol-http"; +import { Readable } from "stream"; +const assumeRoleResponse = ` + + + AROAZOX2IL27GNRBJHWC2:session + arn:aws:sts::123:assumed-role/assume-role-test/session + + + key + secrete + session-token + 2021-05-05T23:22:08Z + + + + 12345678id + +`; +const mockHandle = jest.fn().mockResolvedValue({ + response: new HttpResponse({ + statusCode: 200, + body: Readable.from([""]), + }), +}); +jest.mock("@aws-sdk/node-http-handler", () => ({ + NodeHttpHandler: jest.fn().mockImplementation(() => ({ + destroy: () => {}, + handle: mockHandle, + })), + streamCollector: async () => Buffer.from(assumeRoleResponse), +})); + +import { getDefaultRoleAssumer } from "./defaultRoleAssumers"; +import type { AssumeRoleCommandInput } from "./commands/AssumeRoleCommand"; + +describe("getDefaultRoleAssumer", () => { + beforeEach(() => { + jest.clearAllMocks(); + }); + it("should use supplied source credentials", async () => { + const roleAssumer = getDefaultRoleAssumer(); + const params: AssumeRoleCommandInput = { + RoleArn: "arn:aws:foo", + RoleSessionName: "session", + }; + const sourceCred1 = { accessKeyId: "key1", secretAccessKey: "secrete1" }; + await roleAssumer(sourceCred1, params); + expect(mockHandle).toBeCalledTimes(1); + // Validate request is signed by sourceCred1 + expect(mockHandle.mock.calls[0][0].headers?.authorization).toEqual( + expect.stringContaining("AWS4-HMAC-SHA256 Credential=key1/") + ); + const sourceCred2 = { accessKeyId: "key2", secretAccessKey: "secrete1" }; + await roleAssumer(sourceCred2, params); + // Validate request is signed by sourceCred2 + expect(mockHandle).toBeCalledTimes(2); + expect(mockHandle.mock.calls[1][0].headers?.authorization).toEqual( + expect.stringContaining("AWS4-HMAC-SHA256 Credential=key2/") + ); + }); +}); diff --git a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.ts b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.ts index c2da0112a630..76ab95049e91 100644 --- a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.ts +++ b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.ts @@ -1,5 +1,3 @@ -// Please do not touch this file. It's generated from template: -// https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultRoleAssumers.ts import { DefaultCredentialProvider, getDefaultRoleAssumer as StsGetDefaultRoleAssumer, diff --git a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts index 0c0a66db761f..638ef7a9d9b7 100644 --- a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts +++ b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts @@ -1,5 +1,3 @@ -// Please do not touch this file. It's generated from template: -// https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts import { Credentials, Provider } from "@aws-sdk/types"; import { AssumeRoleCommand, AssumeRoleCommandInput } from "./commands/AssumeRoleCommand"; diff --git a/scripts/generate-clients/copy-to-clients.js b/scripts/generate-clients/copy-to-clients.js index 57ce31d6286e..135cf94cfeaf 100644 --- a/scripts/generate-clients/copy-to-clients.js +++ b/scripts/generate-clients/copy-to-clients.js @@ -21,7 +21,7 @@ const getOverwritablePredicate = (packageName) => (pathName) => { "README.md", ]; const additionalGeneratedFiles = { - "@aws-sdk/client-sts": ["defaultRoleAssumers.ts", "defaultStsRoleAssumers.ts"], + "@aws-sdk/client-sts": ["defaultRoleAssumers.ts", "defaultStsRoleAssumers.ts", "defaultRoleAssumers.spec.ts"], }; return ( pathName From 0ba701de55850f9a899102df01b374a6f7751654 Mon Sep 17 00:00:00 2001 From: Trivikram Kamat <16024985+trivikr@users.noreply.github.com> Date: Mon, 10 May 2021 17:26:08 +0000 Subject: [PATCH 3/3] fix: checkstyle error UnusedImports --- .../amazon/smithy/aws/typescript/codegen/AddAwsAuthPlugin.java | 1 - 1 file changed, 1 deletion(-) diff --git a/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/AddAwsAuthPlugin.java b/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/AddAwsAuthPlugin.java index 5fc596a7fe96..2ac32aba16e4 100644 --- a/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/AddAwsAuthPlugin.java +++ b/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/AddAwsAuthPlugin.java @@ -19,7 +19,6 @@ import static software.amazon.smithy.typescript.codegen.integration.RuntimeClientPlugin.Convention.HAS_CONFIG; import static software.amazon.smithy.typescript.codegen.integration.RuntimeClientPlugin.Convention.HAS_MIDDLEWARE; -import java.io.File; import java.util.Collections; import java.util.List; import java.util.Map;