feat(experimentalIdentityAndAuth): Add generic @aws.auth#sigv4 support

Registers the `@aws.auth#sigv4` scheme.
smithy-lang · Sep 1, 2023 · 5cf3bb9 · 5cf3bb9
1 parent 019109d
commit 5cf3bb9
Show file tree

Hide file tree

Showing 3 changed files with 86 additions and 1 deletion.
diff --git a/...codegen/src/main/java/software/amazon/smithy/typescript/codegen/TypeScriptDependency.java b/...codegen/src/main/java/software/amazon/smithy/typescript/codegen/TypeScriptDependency.java
@@ -90,7 +90,8 @@ public enum TypeScriptDependency implements Dependency {
     AWS_SDK_NODE_HTTP_HANDLER("dependencies", "@smithy/node-http-handler", "^2.0.5", false),
 
     // Conditionally added when setting the auth middleware.
-    AWS_SDK_UTIL_MIDDLEWARE("dependencies", "@smithy/util-middleware", "^2.0.0", false),
+    UTIL_MIDDLEWARE("dependencies", "@smithy/util-middleware", "^2.0.0", false),
+    @Deprecated AWS_SDK_UTIL_MIDDLEWARE("dependencies", "@smithy/util-middleware", "^2.0.0", false),
 
     // Conditionally added if a event stream shape is found anywhere in the model
     AWS_SDK_EVENTSTREAM_SERDE_CONFIG_RESOLVER(
@@ -114,6 +115,9 @@ public enum TypeScriptDependency implements Dependency {
     @Deprecated UTIL_STREAM_BROWSER("dependencies", "@smithy/util-stream-browser", "^2.0.5", false),
     UTIL_STREAM("dependencies", "@smithy/util-stream", "^2.0.5", false),
 
+    // Conditionally added when @aws.auth#sigv4 is used
+    SIGNATURE_V4("dependencies", "@smithy/signature-v4", "^2.0.4", false),
+
     // feat(experimentalIdentityAndAuth): Conditionally added dependencies for `experimentalIdentityAndAuth`.
     // This package should never have a major version, and should only use minor and patch versions in development.
     EXPERIMENTAL_IDENTITY_AND_AUTH("dependencies", "@smithy/experimental-identity-and-auth", "~0.0.1", false),

diff --git a/...a/software/amazon/smithy/typescript/codegen/auth/http/integration/AddSigV4AuthPlugin.java b/...a/software/amazon/smithy/typescript/codegen/auth/http/integration/AddSigV4AuthPlugin.java
@@ -0,0 +1,80 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package software.amazon.smithy.typescript.codegen.auth.http.integration;
+
+import java.util.Optional;
+import software.amazon.smithy.model.shapes.ShapeId;
+import software.amazon.smithy.typescript.codegen.ApplicationProtocol;
+import software.amazon.smithy.typescript.codegen.ConfigField;
+import software.amazon.smithy.typescript.codegen.LanguageTarget;
+import software.amazon.smithy.typescript.codegen.TypeScriptDependency;
+import software.amazon.smithy.typescript.codegen.TypeScriptSettings;
+import software.amazon.smithy.typescript.codegen.auth.http.HttpAuthOptionProperty;
+import software.amazon.smithy.typescript.codegen.auth.http.HttpAuthOptionProperty.Type;
+import software.amazon.smithy.typescript.codegen.auth.http.HttpAuthScheme;
+import software.amazon.smithy.typescript.codegen.auth.http.HttpAuthSchemeParameter;
+import software.amazon.smithy.utils.SmithyInternalApi;
+
+/**
+ * Support for generic @aws.auth#sigv4.
+ *
+ * This is the experimental behavior for `experimentalIdentityAndAuth`.
+ */
+@SmithyInternalApi
+public final class AddSigV4AuthPlugin implements HttpAuthTypeScriptIntegration {
+
+    /**
+     * Integration should only be used if `experimentalIdentityAndAuth` flag is true.
+     */
+    @Override
+    public boolean matchesSettings(TypeScriptSettings settings) {
+        return settings.getExperimentalIdentityAndAuth();
+    }
+
+    @Override
+    public Optional<HttpAuthScheme> getHttpAuthScheme() {
+        return Optional.of(HttpAuthScheme.builder()
+                .schemeId(ShapeId.from("aws.auth#sigv4"))
+                .applicationProtocol(ApplicationProtocol.createDefaultHttpApplicationProtocol())
+                .putDefaultIdentityProvider(LanguageTarget.SHARED, w -> {
+                    w.write("async () => { throw new Error(\"`credentials` is missing\"); }");
+                })
+                .putDefaultSigner(LanguageTarget.SHARED, w -> {
+                    w.addDependency(TypeScriptDependency.EXPERIMENTAL_IDENTITY_AND_AUTH);
+                    w.addImport("SigV4Signer", null,
+                        TypeScriptDependency.EXPERIMENTAL_IDENTITY_AND_AUTH);
+                    w.write("new SigV4Signer()");
+                })
+                .addConfigField(new ConfigField("region", w -> {
+                    w.addDependency(TypeScriptDependency.SMITHY_TYPES);
+                    w.addImport("Provider", "__Provider", TypeScriptDependency.SMITHY_TYPES);
+                    w.write("string | __Provider<string>");
+                }, w -> w.write("The AWS region to which this client will send requests.")))
+                .addConfigField(new ConfigField("credentials", w -> {
+                    w.addDependency(TypeScriptDependency.SMITHY_TYPES);
+                    w.addImport("AwsCredentialIdentity", null, TypeScriptDependency.SMITHY_TYPES);
+                    w.addImport("AwsCredentialIdentityProvider", null, TypeScriptDependency.SMITHY_TYPES);
+                    w.write("AwsCredentialIdentity | AwsCredentialIdentityProvider");
+                }, w -> w.write("The credentials used to sign requests.")))
+                .addHttpAuthSchemeParameter(new HttpAuthSchemeParameter(
+                    "region", w -> w.write("string"), w -> {
+                    w.addDependency(TypeScriptDependency.UTIL_MIDDLEWARE);
+                    w.addImport("normalizeProvider", null, TypeScriptDependency.UTIL_MIDDLEWARE);
+                    w.openBlock("await normalizeProvider(config.region)() || (() => {", "})()", () -> {
+                        w.write("throw new Error(\"expected `region` to be configured for `aws.auth#sigv4`\");");
+                    });
+                }))
+                .addHttpAuthOptionProperty(new HttpAuthOptionProperty(
+                    "name", Type.SIGNING, t -> w -> {
+                    w.write("$S", t.toNode().expectObjectNode().getMember("name"));
+                }))
+                .addHttpAuthOptionProperty(new HttpAuthOptionProperty(
+                    "region", Type.SIGNING, t -> w -> {
+                    w.write("authParameters.region");
+                }))
+                .build());
+    }
+}
diff --git a/...-INF/services/software.amazon.smithy.typescript.codegen.integration.TypeScriptIntegration b/...-INF/services/software.amazon.smithy.typescript.codegen.integration.TypeScriptIntegration
@@ -5,6 +5,7 @@ software.amazon.smithy.typescript.codegen.integration.AddDefaultsModeDependency
 software.amazon.smithy.typescript.codegen.auth.http.integration.AddNoAuthPlugin
 software.amazon.smithy.typescript.codegen.auth.http.integration.AddHttpApiKeyAuthPlugin
 software.amazon.smithy.typescript.codegen.auth.http.integration.AddHttpBearerAuthPlugin
+software.amazon.smithy.typescript.codegen.auth.http.integration.AddSigV4AuthPlugin
 software.amazon.smithy.typescript.codegen.integration.AddHttpApiKeyAuthPlugin
 software.amazon.smithy.typescript.codegen.integration.AddBaseServiceExceptionClass
 software.amazon.smithy.typescript.codegen.integration.AddSdkStreamMixinDependency