Examples with Signer software.amazon.awssdk.core.signer.Signer used on opensource projects

Example 1 with Signer

use of software.amazon.awssdk.core.signer.Signer in project aws-sdk-java-v2 by aws.

the class ProfileFileConfigurationTest method profileIsHonoredForCredentialsAndRegion.

@Test
public void profileIsHonoredForCredentialsAndRegion() {
    EnvironmentVariableHelper.run(env -> {
        env.remove(SdkSystemSetting.AWS_REGION);
        env.remove(SdkSystemSetting.AWS_ACCESS_KEY_ID);
        env.remove(SdkSystemSetting.AWS_SECRET_ACCESS_KEY);
        String profileContent = "[profile foo]\n" + "region = us-banana-46\n" + "aws_access_key_id = profileIsHonoredForCredentials_akid\n" + "aws_secret_access_key = profileIsHonoredForCredentials_skid";
        String profileName = "foo";
        Signer signer = mock(NoOpSigner.class);
        ProtocolRestJsonClient client = ProtocolRestJsonClient.builder().overrideConfiguration(overrideConfig(profileContent, profileName, signer)).build();
        Mockito.when(signer.sign(any(), any())).thenCallRealMethod();
        try {
            client.allTypes();
        } catch (SdkClientException e) {
        // expected
        }
        ArgumentCaptor<SdkHttpFullRequest> httpRequest = ArgumentCaptor.forClass(SdkHttpFullRequest.class);
        ArgumentCaptor<ExecutionAttributes> attributes = ArgumentCaptor.forClass(ExecutionAttributes.class);
        Mockito.verify(signer).sign(httpRequest.capture(), attributes.capture());
        AwsCredentials credentials = attributes.getValue().getAttribute(AwsSignerExecutionAttribute.AWS_CREDENTIALS);
        assertThat(credentials.accessKeyId()).isEqualTo("profileIsHonoredForCredentials_akid");
        assertThat(credentials.secretAccessKey()).isEqualTo("profileIsHonoredForCredentials_skid");
        Region region = attributes.getValue().getAttribute(AwsExecutionAttribute.AWS_REGION);
        assertThat(region.id()).isEqualTo("us-banana-46");
        assertThat(httpRequest.getValue().getUri().getHost()).contains("us-banana-46");
    });
}

Example 2 with Signer

use of software.amazon.awssdk.core.signer.Signer in project aws-sdk-java-v2 by aws.

the class SigningStage method signRequest.

/**
 * Sign the request if the signer if provided and credentials are present.
 */
private SdkHttpFullRequest signRequest(SdkHttpFullRequest request, RequestExecutionContext context) throws Exception {
    updateInterceptorContext(request, context.executionContext());
    Signer signer = context.signer();
    MetricCollector metricCollector = context.attemptMetricCollector();
    if (shouldSign(signer)) {
        adjustForClockSkew(context.executionAttributes());
        Pair<SdkHttpFullRequest, Duration> measuredSign = MetricUtils.measureDuration(() -> signer.sign(request, context.executionAttributes()));
        metricCollector.reportMetric(CoreMetric.SIGNING_DURATION, measuredSign.right());
        SdkHttpFullRequest signedRequest = measuredSign.left();
        if (signer instanceof AsyncRequestBodySigner) {
            // Transform request body provider with signing operator
            AsyncRequestBody transformedRequestProvider = ((AsyncRequestBodySigner) signer).signAsyncRequestBody(signedRequest, context.requestProvider(), context.executionAttributes());
            context.requestProvider(transformedRequestProvider);
        }
        updateInterceptorContext(signedRequest, context.executionContext());
        return signedRequest;
    }
    return request;
}

Example 3 with Signer

use of software.amazon.awssdk.core.signer.Signer in project aws-sdk-java-v2 by aws.

the class DefaultJsonClient method applySignerOverride.

private <T extends JsonRequest> T applySignerOverride(T request, Signer signer) {
    if (request.overrideConfiguration().flatMap(c -> c.signer()).isPresent()) {
        return request;
    }
    Consumer<AwsRequestOverrideConfiguration.Builder> signerOverride = b -> b.signer(signer).build();
    AwsRequestOverrideConfiguration overrideConfiguration = request.overrideConfiguration().map(c -> c.toBuilder().applyMutation(signerOverride).build()).orElse((AwsRequestOverrideConfiguration.builder().applyMutation(signerOverride).build()));
    return (T) request.toBuilder().overrideConfiguration(overrideConfiguration).build();
}

Example 4 with Signer

use of software.amazon.awssdk.core.signer.Signer in project aws-sdk-java-v2 by aws.

the class DefaultXmlAsyncClient method applySignerOverride.

private <T extends XmlRequest> T applySignerOverride(T request, Signer signer) {
    if (request.overrideConfiguration().flatMap(c -> c.signer()).isPresent()) {
        return request;
    }
    Consumer<AwsRequestOverrideConfiguration.Builder> signerOverride = b -> b.signer(signer).build();
    AwsRequestOverrideConfiguration overrideConfiguration = request.overrideConfiguration().map(c -> c.toBuilder().applyMutation(signerOverride).build()).orElse((AwsRequestOverrideConfiguration.builder().applyMutation(signerOverride).build()));
    return (T) request.toBuilder().overrideConfiguration(overrideConfiguration).build();
}

Example 5 with Signer

use of software.amazon.awssdk.core.signer.Signer in project aws-sdk-java-v2 by aws.

the class AwsExecutionContextBuilder method invokeInterceptorsAndCreateExecutionContext.

/**
 * Used by both sync and async clients to create the execution context, and run initial interceptors.
 */
public static <InputT extends SdkRequest, OutputT extends SdkResponse> ExecutionContext invokeInterceptorsAndCreateExecutionContext(ClientExecutionParams<InputT, OutputT> executionParams, SdkClientConfiguration clientConfig) {
    // Note: This is currently copied to DefaultS3Presigner and other presigners.
    // Don't edit this without considering those
    SdkRequest originalRequest = executionParams.getInput();
    MetricCollector metricCollector = resolveMetricCollector(executionParams);
    ExecutionAttributes executionAttributes = mergeExecutionAttributeOverrides(executionParams.executionAttributes(), clientConfig.option(SdkClientOption.EXECUTION_ATTRIBUTES), originalRequest.overrideConfiguration().map(c -> c.executionAttributes()).orElse(null));
    executionAttributes.putAttribute(InternalCoreExecutionAttribute.EXECUTION_ATTEMPT, 1).putAttribute(AwsSignerExecutionAttribute.SERVICE_CONFIG, clientConfig.option(SdkClientOption.SERVICE_CONFIGURATION)).putAttribute(AwsSignerExecutionAttribute.SERVICE_SIGNING_NAME, clientConfig.option(AwsClientOption.SERVICE_SIGNING_NAME)).putAttribute(AwsExecutionAttribute.AWS_REGION, clientConfig.option(AwsClientOption.AWS_REGION)).putAttribute(AwsExecutionAttribute.ENDPOINT_PREFIX, clientConfig.option(AwsClientOption.ENDPOINT_PREFIX)).putAttribute(AwsSignerExecutionAttribute.SIGNING_REGION, clientConfig.option(AwsClientOption.SIGNING_REGION)).putAttribute(SdkInternalExecutionAttribute.IS_FULL_DUPLEX, executionParams.isFullDuplex()).putAttribute(SdkInternalExecutionAttribute.HAS_INITIAL_REQUEST_EVENT, executionParams.hasInitialRequestEvent()).putAttribute(SdkExecutionAttribute.CLIENT_TYPE, clientConfig.option(SdkClientOption.CLIENT_TYPE)).putAttribute(SdkExecutionAttribute.SERVICE_NAME, clientConfig.option(SdkClientOption.SERVICE_NAME)).putAttribute(SdkExecutionAttribute.PROFILE_FILE, clientConfig.option(SdkClientOption.PROFILE_FILE)).putAttribute(SdkExecutionAttribute.PROFILE_NAME, clientConfig.option(SdkClientOption.PROFILE_NAME)).putAttribute(AwsExecutionAttribute.DUALSTACK_ENDPOINT_ENABLED, clientConfig.option(AwsClientOption.DUALSTACK_ENDPOINT_ENABLED)).putAttribute(AwsExecutionAttribute.FIPS_ENDPOINT_ENABLED, clientConfig.option(AwsClientOption.FIPS_ENDPOINT_ENABLED)).putAttribute(SdkExecutionAttribute.OPERATION_NAME, executionParams.getOperationName()).putAttribute(SdkExecutionAttribute.CLIENT_ENDPOINT, clientConfig.option(SdkClientOption.ENDPOINT)).putAttribute(SdkExecutionAttribute.ENDPOINT_OVERRIDDEN, clientConfig.option(SdkClientOption.ENDPOINT_OVERRIDDEN)).putAttribute(SdkInternalExecutionAttribute.DISABLE_HOST_PREFIX_INJECTION, clientConfig.option(SdkAdvancedClientOption.DISABLE_HOST_PREFIX_INJECTION)).putAttribute(SdkExecutionAttribute.SIGNER_OVERRIDDEN, clientConfig.option(SdkClientOption.SIGNER_OVERRIDDEN)).putAttribute(RESOLVED_CHECKSUM_SPECS, HttpChecksumResolver.getResolvedChecksumSpecs(executionAttributes));
    ExecutionInterceptorChain executionInterceptorChain = new ExecutionInterceptorChain(clientConfig.option(SdkClientOption.EXECUTION_INTERCEPTORS));
    InterceptorContext interceptorContext = InterceptorContext.builder().request(originalRequest).asyncRequestBody(executionParams.getAsyncRequestBody()).requestBody(executionParams.getRequestBody()).build();
    interceptorContext = runInitialInterceptors(interceptorContext, executionAttributes, executionInterceptorChain);
    Signer signer = resolveSigner(interceptorContext.request(), clientConfig.option(SdkAdvancedClientOption.SIGNER));
    // beforeExecution and modifyRequest interceptors should avoid dependency on credentials,
    // since they should be resolved after the interceptors run
    AwsCredentials credentials = resolveCredentials(clientConfig.option(AwsClientOption.CREDENTIALS_PROVIDER), originalRequest, metricCollector);
    executionAttributes.putAttribute(AwsSignerExecutionAttribute.AWS_CREDENTIALS, credentials);
    executionAttributes.putAttribute(HttpChecksumConstant.SIGNING_METHOD, resolveSigningMethodUsed(signer, executionAttributes, credentials));
    return ExecutionContext.builder().interceptorChain(executionInterceptorChain).interceptorContext(interceptorContext).executionAttributes(executionAttributes).signer(signer).metricCollector(metricCollector).build();
}