chore(id-auth-sra): sigv4a compatibility for id-auth sra (#6342)

* chore(id-auth-sra): sigv4a compatibility for id-auth sra

* chore(codegen): make sigv4a detection programmatic

* chore(codegen): java formatting

clients/client-cloudfront-keyvaluestore/package.json

@@ -27,7 +27,6 @@
  "@aws-sdk/middleware-host-header": "*",
  "@aws-sdk/middleware-logger": "*",
  "@aws-sdk/middleware-recursion-detection": "*",
- "@aws-sdk/middleware-signing": "*",
  "@aws-sdk/middleware-user-agent": "*",
  "@aws-sdk/region-config-resolver": "*",
  "@aws-sdk/signature-v4-multi-region": "*",
@@ -57,6 +56,7 @@
  "@smithy/util-defaults-mode-browser": "^3.0.14",
  "@smithy/util-defaults-mode-node": "^3.0.14",
  "@smithy/util-endpoints": "^2.0.5",
+ "@smithy/util-middleware": "^3.0.3",
  "@smithy/util-retry": "^3.0.3",
  "@smithy/util-utf8": "^3.0.0",
  "tslib": "^2.6.2"

clients/client-cloudfront-keyvaluestore/src/CloudFrontKeyValueStoreClient.ts

@@ -7,20 +7,18 @@ import {
 } from "@aws-sdk/middleware-host-header";
 import { getLoggerPlugin } from "@aws-sdk/middleware-logger";
 import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection";
-import {
- AwsAuthInputConfig,
- AwsAuthResolvedConfig,
- getAwsAuthPlugin,
- resolveAwsAuthConfig,
-} from "@aws-sdk/middleware-signing";
 import {
  getUserAgentPlugin,
  resolveUserAgentConfig,
  UserAgentInputConfig,
  UserAgentResolvedConfig,
 } from "@aws-sdk/middleware-user-agent";
-import { Credentials as __Credentials } from "@aws-sdk/types";
 import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver";
+import {
+ DefaultIdentityProviderConfig,
+ getHttpAuthSchemeEndpointRuleSetPlugin,
+ getHttpSigningPlugin,
+} from "@smithy/core";
 import { getContentLengthPlugin } from "@smithy/middleware-content-length";
 import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint";
 import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry";
@@ -32,6 +30,7 @@ import {
  SmithyResolvedConfiguration as __SmithyResolvedConfiguration,
 } from "@smithy/smithy-client";
 import {
+ AwsCredentialIdentityProvider,
  BodyLengthCalculator as __BodyLengthCalculator,
  CheckOptionalClientConfig as __CheckOptionalClientConfig,
  ChecksumConstructor as __ChecksumConstructor,
@@ -48,6 +47,12 @@ import {
  UserAgent as __UserAgent,
 } from "@smithy/types";
 
+import {
+ defaultCloudFrontKeyValueStoreHttpAuthSchemeParametersProvider,
+ HttpAuthSchemeInputConfig,
+ HttpAuthSchemeResolvedConfig,
+ resolveHttpAuthSchemeConfig,
+} from "./auth/httpAuthSchemeProvider";
 import { DeleteKeyCommandInput, DeleteKeyCommandOutput } from "./commands/DeleteKeyCommand";
 import {
  DescribeKeyValueStoreCommandInput,
@@ -189,9 +194,10 @@ export interface ClientDefaults extends Partial<__SmithyConfiguration<__HttpHand
 
  /**
  * Default credentials provider; Not available in browser runtime.
+ * @deprecated
  * @internal
  */
- credentialDefaultProvider?: (input: any) => __Provider<__Credentials>;
+ credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider;
 
  /**
  * Value for how many times a request will be made at most in case of retry.
@@ -231,7 +237,7 @@ export type CloudFrontKeyValueStoreClientConfigType = Partial<__SmithyConfigurat
  RegionInputConfig &
  HostHeaderInputConfig &
  EndpointInputConfig<EndpointParameters> &
- AwsAuthInputConfig &
+ HttpAuthSchemeInputConfig &
  ClientInputEndpointParameters;
 /**
  * @public
@@ -251,7 +257,7 @@ export type CloudFrontKeyValueStoreClientResolvedConfigType = __SmithyResolvedCo
  RegionResolvedConfig &
  HostHeaderResolvedConfig &
  EndpointResolvedConfig<EndpointParameters> &
- AwsAuthResolvedConfig &
+ HttpAuthSchemeResolvedConfig &
  ClientResolvedEndpointParameters;
 /**
  * @public
@@ -283,7 +289,7 @@ export class CloudFrontKeyValueStoreClient extends __Client<
  const _config_4 = resolveRegionConfig(_config_3);
  const _config_5 = resolveHostHeaderConfig(_config_4);
  const _config_6 = resolveEndpointConfig(_config_5);
- const _config_7 = resolveAwsAuthConfig(_config_6);
+ const _config_7 = resolveHttpAuthSchemeConfig(_config_6);
  const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);
  super(_config_8);
  this.config = _config_8;
@@ -293,7 +299,17 @@ export class CloudFrontKeyValueStoreClient extends __Client<
  this.middlewareStack.use(getHostHeaderPlugin(this.config));
  this.middlewareStack.use(getLoggerPlugin(this.config));
  this.middlewareStack.use(getRecursionDetectionPlugin(this.config));
- this.middlewareStack.use(getAwsAuthPlugin(this.config));
+ this.middlewareStack.use(
+ getHttpAuthSchemeEndpointRuleSetPlugin(this.config, {
+ httpAuthSchemeParametersProvider: defaultCloudFrontKeyValueStoreHttpAuthSchemeParametersProvider,
+ identityProviderConfigProvider: async (config: CloudFrontKeyValueStoreClientResolvedConfig) =>
+ new DefaultIdentityProviderConfig({
+ "aws.auth#sigv4": config.credentials,
+ "aws.auth#sigv4a": config.credentials,
+ }),
+ })
+ );
+ this.middlewareStack.use(getHttpSigningPlugin(this.config));
  }
 
  /**

clients/client-cloudfront-keyvaluestore/src/auth/httpAuthExtensionConfiguration.ts

@@ -0,0 +1,72 @@
+// smithy-typescript generated code
+import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types";
+
+import { CloudFrontKeyValueStoreHttpAuthSchemeProvider } from "./httpAuthSchemeProvider";
+
+/**
+ * @internal
+ */
+export interface HttpAuthExtensionConfiguration {
+ setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void;
+ httpAuthSchemes(): HttpAuthScheme[];
+ setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudFrontKeyValueStoreHttpAuthSchemeProvider): void;
+ httpAuthSchemeProvider(): CloudFrontKeyValueStoreHttpAuthSchemeProvider;
+ setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void;
+ credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined;
+}
+
+/**
+ * @internal
+ */
+export type HttpAuthRuntimeConfig = Partial<{
+ httpAuthSchemes: HttpAuthScheme[];
+ httpAuthSchemeProvider: CloudFrontKeyValueStoreHttpAuthSchemeProvider;
+ credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider;
+}>;
+
+/**
+ * @internal
+ */
+export const getHttpAuthExtensionConfiguration = (
+ runtimeConfig: HttpAuthRuntimeConfig
+): HttpAuthExtensionConfiguration => {
+ const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!;
+ let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!;
+ let _credentials = runtimeConfig.credentials;
+ return {
+ setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void {
+ const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);
+ if (index === -1) {
+ _httpAuthSchemes.push(httpAuthScheme);
+ } else {
+ _httpAuthSchemes.splice(index, 1, httpAuthScheme);
+ }
+ },
+ httpAuthSchemes(): HttpAuthScheme[] {
+ return _httpAuthSchemes;
+ },
+ setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudFrontKeyValueStoreHttpAuthSchemeProvider): void {
+ _httpAuthSchemeProvider = httpAuthSchemeProvider;
+ },
+ httpAuthSchemeProvider(): CloudFrontKeyValueStoreHttpAuthSchemeProvider {
+ return _httpAuthSchemeProvider;
+ },
+ setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void {
+ _credentials = credentials;
+ },
+ credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined {
+ return _credentials;
+ },
+ };
+};
+
+/**
+ * @internal
+ */
+export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => {
+ return {
+ httpAuthSchemes: config.httpAuthSchemes(),
+ httpAuthSchemeProvider: config.httpAuthSchemeProvider(),
+ credentials: config.credentials(),
+ };
+};