Populate User Agent Details (#3733)

muhammad-othman · muhammad-othman · commit bff37c88d8cd · 2025-04-03T13:03:27.000-04:00
diff --git a/sdk/src/Core/Amazon.Runtime/CredentialManagement/AWSCredentialsFactory.cs b/sdk/src/Core/Amazon.Runtime/CredentialManagement/AWSCredentialsFactory.cs
@@ -199,14 +199,16 @@ private static AWSCredentials GetAWSCredentialsInternal(
         {
             if (profileType.HasValue)
             {
+                AWSCredentials awsCredentials = null;
                 switch (profileType)
                 {
                     case CredentialProfileType.Basic:
-                        var basicCredentials = new BasicAWSCredentials(options.AccessKey, options.SecretKey, options.AwsAccountId);
-                        basicCredentials.FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_PROFILE);
-                        return basicCredentials;
+                        awsCredentials = new BasicAWSCredentials(options.AccessKey, options.SecretKey, options.AwsAccountId);
+                        awsCredentials.FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_PROFILE);
+                        break;
                     case CredentialProfileType.Session:
-                        return new SessionAWSCredentials(options.AccessKey, options.SecretKey, options.Token, options.AwsAccountId);
+                        awsCredentials = new SessionAWSCredentials(options.AccessKey, options.SecretKey, options.Token, options.AwsAccountId);
+                        break;
                     case CredentialProfileType.AssumeRole:
                     case CredentialProfileType.AssumeRoleExternal:
                     case CredentialProfileType.AssumeRoleMFA:
@@ -252,10 +254,10 @@ private static AWSCredentials GetAWSCredentialsInternal(
                             MfaSerialNumber = options.MfaSerial
                         };
 
-                        var assumeRoleCredentials = new AssumeRoleAWSCredentials(sourceCredentials, options.RoleArn, roleSessionName, assumeRoleOptions);
-                        assumeRoleCredentials.FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_PROFILE_SOURCE_PROFILE);
-                        return assumeRoleCredentials;
-                    
+                        awsCredentials = new AssumeRoleAWSCredentials(sourceCredentials, options.RoleArn, roleSessionName, assumeRoleOptions);
+                        awsCredentials.FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_PROFILE_SOURCE_PROFILE);
+                        break;
+
                     case CredentialProfileType.AssumeRoleCredentialSource:
                     case CredentialProfileType.AssumeRoleCredentialSourceSessionName:
                         // get credentials specified by credentialSource
@@ -276,34 +278,30 @@ private static AWSCredentials GetAWSCredentialsInternal(
                         roleSessionName = options.RoleSessionName ?? RoleSessionNamePrefix + AWSSDKUtils.CorrectedUtcNow.Ticks;
                         assumeRoleOptions = new AssumeRoleAWSCredentialsOptions();
 
-                        var assumeRoleSourceCredentials = new AssumeRoleAWSCredentials(sourceCredentials, options.RoleArn, roleSessionName, assumeRoleOptions);
-                        assumeRoleSourceCredentials.FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_PROFILE_NAMED_PROVIDER);
-                        return assumeRoleSourceCredentials;
-                    
+                        awsCredentials = new AssumeRoleAWSCredentials(sourceCredentials, options.RoleArn, roleSessionName, assumeRoleOptions);
+                        awsCredentials.FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_PROFILE_NAMED_PROVIDER);
+                        break;
+
                     case CredentialProfileType.AssumeRoleWithWebIdentity:
                     case CredentialProfileType.AssumeRoleWithWebIdentitySessionName:
-                        var assumeRoleWebIdentityCredentials = new AssumeRoleWithWebIdentityCredentials(options.WebIdentityTokenFile, options.RoleArn, options.RoleSessionName);
-                        assumeRoleWebIdentityCredentials.FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN);
-                        return assumeRoleWebIdentityCredentials;
-                    
+                        awsCredentials = new AssumeRoleWithWebIdentityCredentials(options.WebIdentityTokenFile, options.RoleArn, options.RoleSessionName);
+                        awsCredentials.FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN);
+                        break;
+
                     case CredentialProfileType.SSO:
-                    {
-                        var ssoCredentialsOptions = new SSOAWSCredentialsOptions 
-                        { 
+                        var ssoCredentialsOptions = new SSOAWSCredentialsOptions
+                        {
                             SessionName = options.SsoSession,
                             Scopes = options.SsoRegistrationScopes?.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries).Select(p => p.Trim()).ToList()
                         };
 
                         var isLegacyFormat = string.IsNullOrEmpty(options.SsoSession);
-                        var ssoCredentials = new SSOAWSCredentials(options.SsoAccountId, options.SsoRegion, options.SsoRoleName, options.SsoStartUrl, ssoCredentialsOptions);
-                        ssoCredentials.FeatureIdSources.Add(isLegacyFormat ? UserAgentFeatureId.CREDENTIALS_PROFILE_SSO_LEGACY : UserAgentFeatureId.CREDENTIALS_PROFILE_SSO);
+                        awsCredentials = new SSOAWSCredentials(options.SsoAccountId, options.SsoRegion, options.SsoRoleName, options.SsoStartUrl, ssoCredentialsOptions);
+                        awsCredentials.FeatureIdSources.Add(isLegacyFormat ? UserAgentFeatureId.CREDENTIALS_PROFILE_SSO_LEGACY : UserAgentFeatureId.CREDENTIALS_PROFILE_SSO);
+                        break;
 
-                        return ssoCredentials;
-                    }
-      
                     case CredentialProfileType.SAMLRole:
                     case CredentialProfileType.SAMLRoleUserIdentity:
-
                         if (UserCrypto.IsUserCryptAvailable)
                         {
                             var federatedOptions = new FederatedAWSCredentialsOptions()
@@ -312,17 +310,18 @@ private static AWSCredentials GetAWSCredentialsInternal(
                                 UserIdentity = options.UserIdentity,
                                 ProfileName = profileName
                             };
-                            return new FederatedAWSCredentials(new SAMLEndpointManager().GetEndpoint(options.EndpointName),
+                            awsCredentials = new FederatedAWSCredentials(new SAMLEndpointManager().GetEndpoint(options.EndpointName),
                                 options.RoleArn, federatedOptions);
+                            break;
                         }
                         else
                         {
                             return ThrowOrReturnNull("Federated credentials are not available on this platform.", null, throwIfInvalid);
                         }
                     case CredentialProfileType.CredentialProcess:
-                        var processCredentials = new ProcessAWSCredentials(options.CredentialProcess, options.AwsAccountId);
-                        processCredentials.FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_PROFILE_PROCESS);
-                        return processCredentials;
+                        awsCredentials = new ProcessAWSCredentials(options.CredentialProcess, options.AwsAccountId);
+                        awsCredentials.FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_PROFILE_PROCESS);
+                        break;
 
                     default:
                         var defaultMessage = profileName == null
@@ -333,6 +332,11 @@ private static AWSCredentials GetAWSCredentialsInternal(
 
                         return ThrowOrReturnNull(defaultMessage, null, throwIfInvalid);
                 }
+
+                if (profileSource is NetSDKCredentialsFile)
+                    awsCredentials.FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_AWS_SDK_STORE);
+
+                return awsCredentials;
             }
             else
             {
diff --git a/sdk/src/Core/Amazon.Runtime/Credentials/FederatedAWSCredentials.cs b/sdk/src/Core/Amazon.Runtime/Credentials/FederatedAWSCredentials.cs
@@ -77,7 +77,7 @@ public FederatedAWSCredentials(SAMLEndpoint samlEndpoint, string roleArn,
             SAMLEndpoint = samlEndpoint ?? throw new ArgumentNullException("samlEndpoint");
             RoleArn = roleArn;
             PreemptExpiryTime = DefaultPreemptExpiryTime;
-            FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_STS_FEDERATION_TOKEN);
+            FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_STS_ASSUME_ROLE_SAML);
         }
 
         /// <summary>
diff --git a/sdk/src/Core/Amazon.Runtime/IClientConfig.cs b/sdk/src/Core/Amazon.Runtime/IClientConfig.cs
@@ -387,6 +387,13 @@ public partial interface IClientConfig
         /// </summary>
         ResponseChecksumValidation ResponseChecksumValidation { get; }
 
+        /// <summary>
+        /// Controls whether the resolved endpoint will include the account id. This allows for direct routing of traffic
+        /// to the cell responsible for a given account, which avoids the additional latency of extra backend hops and reduces
+        /// complexity in the routing layer.
+        /// </summary>
+        public AccountIdEndpointMode AccountIdEndpointMode { get; }
+
 #if BCL
         /// <summary>
         /// Gets the TCP keep-alive values to use for service requests. Enabling TCP keep-alive sends periodic TCP keep-alive probe packets, to prevent disconnection due to 
diff --git a/sdk/src/Core/Amazon.Runtime/Internal/UserAgent/UserAgentFeatureId.cs b/sdk/src/Core/Amazon.Runtime/Internal/UserAgent/UserAgentFeatureId.cs
@@ -156,9 +156,9 @@ public class UserAgentFeatureId : ConstantClass
         public static readonly UserAgentFeatureId CREDENTIALS_STS_ASSUME_ROLE_WEB_ID = new UserAgentFeatureId("k");
 
         /// <summary>
-        /// An operation called using credentials resolved from STS using a federation token.
+        /// An operation called using credentials resolved from STS using assume role with SAML.
         /// </summary>
-        public static readonly UserAgentFeatureId CREDENTIALS_STS_FEDERATION_TOKEN = new UserAgentFeatureId("l");
+        public static readonly UserAgentFeatureId CREDENTIALS_STS_ASSUME_ROLE_SAML = new UserAgentFeatureId("j");
 
         /// <summary>
         /// An operation called using credentials resolved from STS using a session token.
diff --git a/sdk/src/Core/Amazon.Runtime/Pipeline/Handlers/BaseEndpointResolver.cs b/sdk/src/Core/Amazon.Runtime/Pipeline/Handlers/BaseEndpointResolver.cs
@@ -20,6 +20,7 @@
 using Amazon.Runtime.Internal.Auth;
 using Amazon.Runtime.Telemetry;
 using Amazon.Runtime.Telemetry.Metrics;
+using Amazon.Runtime.Internal.UserAgent;
 
 namespace Amazon.Runtime.Internal
 {
@@ -73,6 +74,10 @@ public virtual void ProcessRequestHandlers(IExecutionContext executionContext)
                 };
                 requestContext.Request.Endpoint = uriBuilder.Uri;
             }
+            if (!string.IsNullOrEmpty(requestContext.ClientConfig.ServiceURL))
+            {
+                requestContext.UserAgentDetails.AddFeature(UserAgentFeatureId.ENDPOINT_OVERRIDE);
+            }
 
             // set authentication parameters and headers
             SetAuthenticationAndHeaders(requestContext.Request, endpoint);
diff --git a/sdk/src/Core/Amazon.Runtime/Pipeline/Handlers/Marshaller.cs b/sdk/src/Core/Amazon.Runtime/Pipeline/Handlers/Marshaller.cs
@@ -126,7 +126,13 @@ private static void SetRecursionDetectionHeader(IDictionary<string, string> head
 
         private static void UpdateUserAgentDetails(IRequestContext requestContext)
         {
-            var sb = new StringBuilder(256);
+            var accountIdMode = requestContext.ClientConfig.AccountIdEndpointMode;
+            if (accountIdMode == AccountIdEndpointMode.DISABLED)
+                requestContext.UserAgentDetails.AddFeature(UserAgentFeatureId.ACCOUNT_ID_MODE_DISABLED);
+            else if (accountIdMode == AccountIdEndpointMode.PREFERRED)
+                requestContext.UserAgentDetails.AddFeature(UserAgentFeatureId.ACCOUNT_ID_MODE_PREFERRED);
+            else if (accountIdMode == AccountIdEndpointMode.REQUIRED)
+                requestContext.UserAgentDetails.AddFeature(UserAgentFeatureId.ACCOUNT_ID_MODE_REQUIRED);
 
             requestContext.UserAgentDetails.AddUserAgentComponent(InternalSDKUtils.ReplaceInvalidUserAgentCharacters(requestContext.ClientConfig.UserAgent));
 
diff --git a/sdk/src/Core/Amazon.Runtime/Pipeline/Handlers/Signer.cs b/sdk/src/Core/Amazon.Runtime/Pipeline/Handlers/Signer.cs
@@ -15,6 +15,8 @@
 
 using Amazon.Runtime.EventStreams.Internal;
 using Amazon.Runtime.Internal.Auth;
+using Amazon.Runtime.Internal.UserAgent;
+using Amazon.Runtime.Internal.Util;
 using Amazon.Runtime.Telemetry;
 using Amazon.Runtime.Telemetry.Metrics;
 using Amazon.Runtime.Telemetry.Tracing;
@@ -133,6 +135,10 @@ public static void SignRequest(IRequestContext requestContext)
                             throw new InvalidDataException("Cannot determine protocol");
                     }
                 }
+                if (!string.IsNullOrEmpty(immutableCredentials?.AccountId))
+                {
+                    requestContext.UserAgentDetails.AddFeature(UserAgentFeatureId.RESOLVED_ACCOUNT_ID);
+                }
 
                 requestContext.Signer.Sign(
                     requestContext.Request,
@@ -198,6 +204,10 @@ private static async Task SignRequestAsync(IRequestContext requestContext)
                             throw new InvalidDataException("Cannot determine protocol");
                     }
                 }
+                if (!string.IsNullOrEmpty(immutableCredentials?.AccountId))
+                {
+                    requestContext.UserAgentDetails.AddFeature(UserAgentFeatureId.RESOLVED_ACCOUNT_ID);
+                }
 
                 await requestContext.Signer
                     .SignAsync(
diff --git a/sdk/src/Core/Amazon.Runtime/Pipeline/HttpHandler/HttpHandler.cs b/sdk/src/Core/Amazon.Runtime/Pipeline/HttpHandler/HttpHandler.cs
@@ -26,6 +26,7 @@
 using System.Net;
 using System.Reflection;
 using System.Text;
+using Amazon.Runtime.Internal.UserAgent;
 
 namespace Amazon.Runtime.Internal
 {
@@ -503,6 +504,9 @@ private static System.IO.Stream GetInputStream(IRequestContext requestContext, S
 
         private void SetUserAgentHeader(IRequestContext requestContext)
         {
+            if (requestContext.Request.SignatureVersion == SignatureVersion.SigV4a)
+                requestContext.UserAgentDetails.AddFeature(UserAgentFeatureId.SIGV4A_SIGNING);
+
             var metricsUserAgent = requestContext.UserAgentDetails.GenerateUserAgentWithMetrics();
             Logger.DebugFormat("User-Agent Header: {0}", metricsUserAgent);
 
diff --git a/sdk/src/Services/S3/Custom/Internal/AmazonS3PostMarshallHandler.cs b/sdk/src/Services/S3/Custom/Internal/AmazonS3PostMarshallHandler.cs
@@ -24,6 +24,7 @@
 using Amazon.Util;
 using Amazon.S3.Util;
 using Amazon.S3.Model;
+using Amazon.Runtime.Internal.UserAgent;
 
 #pragma warning disable 1591
 
@@ -66,6 +67,9 @@ protected virtual void PreInvoke(IExecutionContext executionContext)
 
         private static void ProcessPreRequestHandlers(IExecutionContext executionContext)
         {
+            if (executionContext.RequestContext.Request.IsDirectoryBucket())
+                executionContext.RequestContext.UserAgentDetails.AddFeature(UserAgentFeatureId.S3_EXPRESS_BUCKET);
+
             var originalRequest = executionContext.RequestContext.OriginalRequest;
             if (SetStreamChecksum(originalRequest, executionContext.RequestContext.Request))
                 return;
diff --git a/sdk/test/UnitTests/Custom/EndpointsTests.cs b/sdk/test/UnitTests/Custom/EndpointsTests.cs
@@ -68,10 +68,12 @@ public void EndpointResolverHttpsServiceURLVsUseHttp()
                 ServiceURL = serviceURL,
                 UseHttp = true
             };
+            var originalRequest = new MockAmazonWebServiceRequest();
             var requestContext = new RequestContext(false, new NullSigner())
             {
                 ClientConfig = config,
-                Request = new DefaultRequest(new MockAmazonWebServiceRequest(), "test-service")
+                Request = new DefaultRequest(originalRequest, "test-service"),
+                OriginalRequest = originalRequest,
             };
 
             var executionContext = new ExecutionContext(requestContext, null);

Original file line number	Diff line number	Diff line change
`@@ -77,7 +77,7 @@ public FederatedAWSCredentials(SAMLEndpoint samlEndpoint, string roleArn,`
`77`	`77`	`SAMLEndpoint = samlEndpoint ?? throw new ArgumentNullException("samlEndpoint");`
`78`	`78`	`RoleArn = roleArn;`
`79`	`79`	`PreemptExpiryTime = DefaultPreemptExpiryTime;`
`80`		`- FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_STS_FEDERATION_TOKEN);`
	`80`	`+ FeatureIdSources.Add(UserAgentFeatureId.CREDENTIALS_STS_ASSUME_ROLE_SAML);`
`81`	`81`	`}`
`82`	`82`
`83`	`83`	`/// <summary>`
Original file line number	Diff line number	Diff line change
`@@ -26,6 +26,7 @@`
`26`	`26`	`using System.Net;`
`27`	`27`	`using System.Reflection;`
`28`	`28`	`using System.Text;`
	`29`	`+using Amazon.Runtime.Internal.UserAgent;`
`29`	`30`
`30`	`31`	`namespace Amazon.Runtime.Internal`
`31`	`32`	`{`
`@@ -503,6 +504,9 @@ private static System.IO.Stream GetInputStream(IRequestContext requestContext, S`
`503`	`504`
`504`	`505`	`private void SetUserAgentHeader(IRequestContext requestContext)`
`505`	`506`	`{`
	`507`	`+ if (requestContext.Request.SignatureVersion == SignatureVersion.SigV4a)`
	`508`	`+ requestContext.UserAgentDetails.AddFeature(UserAgentFeatureId.SIGV4A_SIGNING);`
	`509`	`+`
`506`	`510`	`var metricsUserAgent = requestContext.UserAgentDetails.GenerateUserAgentWithMetrics();`
`507`	`511`	`Logger.DebugFormat("User-Agent Header: {0}", metricsUserAgent);`
`508`	`512`