From 5464aa13e43202466cf4af297c1cf58d665ef315 Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Mon, 22 Jan 2024 10:04:28 -0500 Subject: [PATCH 01/14] Fix sigv4a application --- .../SigV4AsymmetricTraitCustomization.kt | 31 ++++++++++--------- .../UnsupportedSigningAlgorithmIntegration.kt | 7 +++-- 2 files changed, 21 insertions(+), 17 deletions(-) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt index 0fdabe539dd..c5e9da98962 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt @@ -9,7 +9,7 @@ import software.amazon.smithy.aws.traits.auth.SigV4ATrait import software.amazon.smithy.aws.traits.auth.SigV4Trait import software.amazon.smithy.kotlin.codegen.KotlinSettings import software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration -import software.amazon.smithy.kotlin.codegen.model.expectTrait +import software.amazon.smithy.kotlin.codegen.model.getTrait import software.amazon.smithy.model.Model import software.amazon.smithy.model.shapes.ServiceShape import software.amazon.smithy.model.traits.AuthTrait @@ -33,19 +33,22 @@ class SigV4AsymmetricTraitCustomization : KotlinIntegration { override fun preprocessModel(model: Model, settings: KotlinSettings): Model = ModelTransformer.create().mapShapes(model) { shape -> when (shape.isServiceShape) { - true -> - (shape as ServiceShape) - .toBuilder() - .addTraits( - mutableSetOf( - SigV4ATrait - .builder() - .name(shape.expectTrait().arnNamespace) - .build(), - AuthTrait(mutableSetOf(SigV4ATrait.ID, SigV4Trait.ID)), - ), - ) - .build() + true -> { + val builder = (shape as ServiceShape).toBuilder() + val name = shape.getTrait()?.name ?: shape.getTrait()?.arnNamespace + builder.addTrait(SigV4ATrait.builder().name(name).build()) + + val authTrait = shape.getTrait()?.let { + if (it.valueSet.contains(SigV4ATrait.ID)) { + it + } else { + AuthTrait(it.valueSet + mutableSetOf(SigV4ATrait.ID)) + } + } ?: AuthTrait(mutableSetOf(SigV4Trait.ID, SigV4ATrait.ID)) + builder.addTrait(authTrait) + + builder.build() + } false -> shape } } diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/s3/UnsupportedSigningAlgorithmIntegration.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/s3/UnsupportedSigningAlgorithmIntegration.kt index 24dc78e7e07..2513b626e2a 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/s3/UnsupportedSigningAlgorithmIntegration.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/s3/UnsupportedSigningAlgorithmIntegration.kt @@ -8,12 +8,10 @@ import aws.sdk.kotlin.codegen.AwsRuntimeTypes import software.amazon.smithy.kotlin.codegen.KotlinSettings import software.amazon.smithy.kotlin.codegen.core.KotlinWriter import software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration -import software.amazon.smithy.kotlin.codegen.model.expectShape import software.amazon.smithy.kotlin.codegen.rendering.protocol.ProtocolGenerator import software.amazon.smithy.kotlin.codegen.rendering.protocol.ProtocolMiddleware import software.amazon.smithy.model.Model import software.amazon.smithy.model.shapes.OperationShape -import software.amazon.smithy.model.shapes.ServiceShape // FIXME: Remove this once sigV4a is supported by default AWS signer /** @@ -22,7 +20,10 @@ import software.amazon.smithy.model.shapes.ServiceShape */ class UnsupportedSigningAlgorithmIntegration : KotlinIntegration { override fun enabledForService(model: Model, settings: KotlinSettings): Boolean = - model.expectShape(settings.service).isS3 + when (settings.sdkId.lowercase()) { + "s3", "eventbridge", "cloudfront keyvaluestore" -> true + else -> false + } override fun customizeMiddleware( ctx: ProtocolGenerator.GenerationContext, From c04e2d58bb0637af48d16f9147e6e2c52e916b17 Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Mon, 22 Jan 2024 10:32:49 -0500 Subject: [PATCH 02/14] Simplify --- .../customization/SigV4AsymmetricTraitCustomization.kt | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt index c5e9da98962..85e43a31dcd 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt @@ -35,8 +35,11 @@ class SigV4AsymmetricTraitCustomization : KotlinIntegration { when (shape.isServiceShape) { true -> { val builder = (shape as ServiceShape).toBuilder() - val name = shape.getTrait()?.name ?: shape.getTrait()?.arnNamespace - builder.addTrait(SigV4ATrait.builder().name(name).build()) + builder.addTrait( + SigV4ATrait.builder() + .name(shape.getTrait()?.name ?: shape.getTrait()?.arnNamespace) + .build() + ) val authTrait = shape.getTrait()?.let { if (it.valueSet.contains(SigV4ATrait.ID)) { From 88a29b2af21276572deb5cbdaf8b3c7308be2e16 Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Mon, 22 Jan 2024 10:33:06 -0500 Subject: [PATCH 03/14] ktlint --- .../codegen/customization/SigV4AsymmetricTraitCustomization.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt index 85e43a31dcd..9e9bca6c67a 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt @@ -38,7 +38,7 @@ class SigV4AsymmetricTraitCustomization : KotlinIntegration { builder.addTrait( SigV4ATrait.builder() .name(shape.getTrait()?.name ?: shape.getTrait()?.arnNamespace) - .build() + .build(), ) val authTrait = shape.getTrait()?.let { From 4b196601ed97b3bf610577874b07d87a3e5c7a5b Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Mon, 22 Jan 2024 11:19:51 -0500 Subject: [PATCH 04/14] changelog --- .changes/517318e5-0ba6-472c-a51f-bb4e758215e2.json | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .changes/517318e5-0ba6-472c-a51f-bb4e758215e2.json diff --git a/.changes/517318e5-0ba6-472c-a51f-bb4e758215e2.json b/.changes/517318e5-0ba6-472c-a51f-bb4e758215e2.json new file mode 100644 index 00000000000..163d62fd11a --- /dev/null +++ b/.changes/517318e5-0ba6-472c-a51f-bb4e758215e2.json @@ -0,0 +1,5 @@ +{ + "id": "517318e5-0ba6-472c-a51f-bb4e758215e2", + "type": "bugfix", + "description": "Fix application of sigv4a authentication scheme for S3, Eventbridge, and CloudFront KeyValueStore" +} \ No newline at end of file From 7acd860ad91422e7d3865c28ff1993a879f5b2a3 Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Mon, 22 Jan 2024 13:36:01 -0500 Subject: [PATCH 05/14] Add a check for if SigV4ATrait is already applied --- .../customization/SigV4AsymmetricTraitCustomization.kt | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt index 9e9bca6c67a..c35b0828782 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt @@ -24,11 +24,11 @@ class SigV4AsymmetricTraitCustomization : KotlinIntegration { // Needs to happen before the `SigV4AsymmetricAuthSchemeIntegration` & `SigV4AuthSchemeIntegration` (-50 & -50) override val order: Byte = -60 + // services which support SigV4A but don't model it + private val unmodeledSigV4aServices = listOf("s3", "eventbridge", "cloudfront keyvaluestore") + override fun enabledForService(model: Model, settings: KotlinSettings): Boolean = - when (settings.sdkId.lowercase()) { - "s3", "eventbridge", "cloudfront keyvaluestore" -> true - else -> false - } + unmodeledSigV4aServices.contains(settings.sdkId.lowercase()) && !model.isTraitApplied(SigV4ATrait::class.java) override fun preprocessModel(model: Model, settings: KotlinSettings): Model = ModelTransformer.create().mapShapes(model) { shape -> From 17a5bbc758a656c6d220497b80e29347b9172e50 Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Tue, 23 Jan 2024 12:40:58 -0500 Subject: [PATCH 06/14] Add a special-case for CloudFront KVS --- ...eStoreSigV4APrioritizationCustomization.kt | 42 +++++++++++++++++++ ...tlin.codegen.integration.KotlinIntegration | 1 + 2 files changed, 43 insertions(+) create mode 100644 codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt new file mode 100644 index 00000000000..2f2b4397ae5 --- /dev/null +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt @@ -0,0 +1,42 @@ +/* + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0 + */ +package aws.sdk.kotlin.codegen.customization + +import software.amazon.smithy.aws.traits.auth.SigV4ATrait +import software.amazon.smithy.aws.traits.auth.SigV4Trait +import software.amazon.smithy.kotlin.codegen.KotlinSettings +import software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration +import software.amazon.smithy.model.Model +import software.amazon.smithy.model.shapes.ServiceShape +import software.amazon.smithy.model.traits.AuthTrait +import software.amazon.smithy.model.transform.ModelTransformer + +/** + * Modify the [AuthTrait] of the CloudFront KeyValueStore service, placing SigV4A before SigV4 in the + * prioritized list. + */ +class CloudFrontKeyValueStoreSigV4APrioritizationCustomization : KotlinIntegration { + // Runs after SigV4AsymmetricTraitCustomization (-60) and before `SigV4AsymmetricAuthSchemeIntegration`(-50) and `SigV4AuthSchemeIntegration` (-50) + override val order: Byte = -55 + + override fun enabledForService(model: Model, settings: KotlinSettings): Boolean = settings.sdkId.lowercase() == "cloudfront keyvaluestore" + + override fun preprocessModel(model: Model, settings: KotlinSettings): Model = + ModelTransformer.create().mapShapes(model) { shape -> + when (shape.isServiceShape) { + true -> { + val builder = (shape as ServiceShape).toBuilder() + builder.removeTrait(AuthTrait.ID) // remove existing auth trait + + // add a new auth trait with SigV4A in front + val authTrait = AuthTrait(mutableSetOf(SigV4ATrait.ID, SigV4Trait.ID)) + builder.addTrait(authTrait) + + builder.build() + } + false -> shape + } + } +} \ No newline at end of file diff --git a/codegen/aws-sdk-codegen/src/main/resources/META-INF/services/software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration b/codegen/aws-sdk-codegen/src/main/resources/META-INF/services/software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration index f0f4c2e49d6..a248e31fe3a 100644 --- a/codegen/aws-sdk-codegen/src/main/resources/META-INF/services/software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration +++ b/codegen/aws-sdk-codegen/src/main/resources/META-INF/services/software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration @@ -38,3 +38,4 @@ aws.sdk.kotlin.codegen.customization.ec2.EC2MakePrimitivesOptional aws.sdk.kotlin.codegen.customization.RemoveDefaults aws.sdk.kotlin.codegen.customization.s3.UnsupportedSigningAlgorithmIntegration aws.sdk.kotlin.codegen.customization.SigV4AsymmetricTraitCustomization +aws.sdk.kotlin.codegen.customization.CloudFrontKeyValueStoreSigV4APrioritizationCustomization From 4966aed48393376d8d425b25572429af4009edf5 Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Tue, 23 Jan 2024 12:46:22 -0500 Subject: [PATCH 07/14] ktlint --- .../CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt index 2f2b4397ae5..475fb452665 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt @@ -39,4 +39,4 @@ class CloudFrontKeyValueStoreSigV4APrioritizationCustomization : KotlinIntegrati false -> shape } } -} \ No newline at end of file +} From 10804da09c92f759a247b47481ce2463a15ebeac Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Tue, 23 Jan 2024 16:13:59 -0500 Subject: [PATCH 08/14] Relocate file and preserve existing auth trait values --- ...alueStoreSigV4APrioritizationCustomization.kt | 16 ++++++++++------ ....kotlin.codegen.integration.KotlinIntegration | 2 +- 2 files changed, 11 insertions(+), 7 deletions(-) rename codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/{ => cloudfrontkeyvaluestore}/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt (70%) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt similarity index 70% rename from codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt rename to codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt index 475fb452665..8283133e3c2 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt @@ -2,12 +2,12 @@ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0 */ -package aws.sdk.kotlin.codegen.customization +package aws.sdk.kotlin.codegen.customization.cloudfrontkeyvaluestore import software.amazon.smithy.aws.traits.auth.SigV4ATrait -import software.amazon.smithy.aws.traits.auth.SigV4Trait import software.amazon.smithy.kotlin.codegen.KotlinSettings import software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration +import software.amazon.smithy.kotlin.codegen.model.getTrait import software.amazon.smithy.model.Model import software.amazon.smithy.model.shapes.ServiceShape import software.amazon.smithy.model.traits.AuthTrait @@ -28,11 +28,15 @@ class CloudFrontKeyValueStoreSigV4APrioritizationCustomization : KotlinIntegrati when (shape.isServiceShape) { true -> { val builder = (shape as ServiceShape).toBuilder() - builder.removeTrait(AuthTrait.ID) // remove existing auth trait + val authTraitValueSet = shape.getTrait()?.valueSet ?: mutableSetOf() - // add a new auth trait with SigV4A in front - val authTrait = AuthTrait(mutableSetOf(SigV4ATrait.ID, SigV4Trait.ID)) - builder.addTrait(authTrait) + if (!authTraitValueSet.contains(SigV4ATrait.ID)) { + // remove existing auth trait + builder.removeTrait(AuthTrait.ID) + + // add a new auth trait with SigV4A in front of the existing values + builder.addTrait(AuthTrait(mutableSetOf(SigV4ATrait.ID) + authTraitValueSet)) + } builder.build() } diff --git a/codegen/aws-sdk-codegen/src/main/resources/META-INF/services/software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration b/codegen/aws-sdk-codegen/src/main/resources/META-INF/services/software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration index a248e31fe3a..408dfca0d08 100644 --- a/codegen/aws-sdk-codegen/src/main/resources/META-INF/services/software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration +++ b/codegen/aws-sdk-codegen/src/main/resources/META-INF/services/software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration @@ -38,4 +38,4 @@ aws.sdk.kotlin.codegen.customization.ec2.EC2MakePrimitivesOptional aws.sdk.kotlin.codegen.customization.RemoveDefaults aws.sdk.kotlin.codegen.customization.s3.UnsupportedSigningAlgorithmIntegration aws.sdk.kotlin.codegen.customization.SigV4AsymmetricTraitCustomization -aws.sdk.kotlin.codegen.customization.CloudFrontKeyValueStoreSigV4APrioritizationCustomization +aws.sdk.kotlin.codegen.customization.cloudfrontkeyvaluestore.CloudFrontKeyValueStoreSigV4APrioritizationCustomization From 9138074aab980aa9d61bc64ae985dcae194c1bdd Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Tue, 23 Jan 2024 16:15:45 -0500 Subject: [PATCH 09/14] Check first element --- .../CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt index 8283133e3c2..eb324676d6d 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt @@ -30,7 +30,7 @@ class CloudFrontKeyValueStoreSigV4APrioritizationCustomization : KotlinIntegrati val builder = (shape as ServiceShape).toBuilder() val authTraitValueSet = shape.getTrait()?.valueSet ?: mutableSetOf() - if (!authTraitValueSet.contains(SigV4ATrait.ID)) { + if (authTraitValueSet.firstOrNull() != SigV4ATrait.ID) { // remove existing auth trait builder.removeTrait(AuthTrait.ID) From dc4e09d25ce2b5fe8e165f323b6bea02aac4386c Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Tue, 23 Jan 2024 16:28:21 -0500 Subject: [PATCH 10/14] Add explanation of SigV4A being added to the end --- .../codegen/customization/SigV4AsymmetricTraitCustomization.kt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt index c35b0828782..2af602566ea 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt @@ -41,6 +41,9 @@ class SigV4AsymmetricTraitCustomization : KotlinIntegration { .build(), ) + // SigV4A is added at the end because these services model SigV4A through endpoint rules instead of the service shape. + // Because of that, SigV4A can apply to any operation, and the safest thing to do is add it at the end + // and let the endpoint rules change priority as needed. val authTrait = shape.getTrait()?.let { if (it.valueSet.contains(SigV4ATrait.ID)) { it From d60f45edfd19177cebe4aa97eb120a4698a8025d Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Tue, 23 Jan 2024 16:32:57 -0500 Subject: [PATCH 11/14] Remove "cloudfront keyvaluestore" from SigV4AsymmetricTraitCustomization --- .../SigV4AsymmetricTraitCustomization.kt | 2 +- ...stomization.kt => BackfillSigV4ACustomization.kt} | 12 ++++++++++-- ...ithy.kotlin.codegen.integration.KotlinIntegration | 2 +- 3 files changed, 12 insertions(+), 4 deletions(-) rename codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/{CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt => BackfillSigV4ACustomization.kt} (82%) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt index 2af602566ea..aa12096172b 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt @@ -25,7 +25,7 @@ class SigV4AsymmetricTraitCustomization : KotlinIntegration { override val order: Byte = -60 // services which support SigV4A but don't model it - private val unmodeledSigV4aServices = listOf("s3", "eventbridge", "cloudfront keyvaluestore") + private val unmodeledSigV4aServices = listOf("s3", "eventbridge") override fun enabledForService(model: Model, settings: KotlinSettings): Boolean = unmodeledSigV4aServices.contains(settings.sdkId.lowercase()) && !model.isTraitApplied(SigV4ATrait::class.java) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt similarity index 82% rename from codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt rename to codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt index eb324676d6d..f886ae13074 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/CloudFrontKeyValueStoreSigV4APrioritizationCustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt @@ -4,7 +4,9 @@ */ package aws.sdk.kotlin.codegen.customization.cloudfrontkeyvaluestore +import software.amazon.smithy.aws.traits.ServiceTrait import software.amazon.smithy.aws.traits.auth.SigV4ATrait +import software.amazon.smithy.aws.traits.auth.SigV4Trait import software.amazon.smithy.kotlin.codegen.KotlinSettings import software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration import software.amazon.smithy.kotlin.codegen.model.getTrait @@ -17,9 +19,8 @@ import software.amazon.smithy.model.transform.ModelTransformer * Modify the [AuthTrait] of the CloudFront KeyValueStore service, placing SigV4A before SigV4 in the * prioritized list. */ -class CloudFrontKeyValueStoreSigV4APrioritizationCustomization : KotlinIntegration { +class BackfillSigV4ACustomization : KotlinIntegration { // Runs after SigV4AsymmetricTraitCustomization (-60) and before `SigV4AsymmetricAuthSchemeIntegration`(-50) and `SigV4AuthSchemeIntegration` (-50) - override val order: Byte = -55 override fun enabledForService(model: Model, settings: KotlinSettings): Boolean = settings.sdkId.lowercase() == "cloudfront keyvaluestore" @@ -28,6 +29,13 @@ class CloudFrontKeyValueStoreSigV4APrioritizationCustomization : KotlinIntegrati when (shape.isServiceShape) { true -> { val builder = (shape as ServiceShape).toBuilder() + + builder.addTrait( + SigV4ATrait.builder() + .name(shape.getTrait()?.name ?: shape.getTrait()?.arnNamespace) + .build(), + ) + val authTraitValueSet = shape.getTrait()?.valueSet ?: mutableSetOf() if (authTraitValueSet.firstOrNull() != SigV4ATrait.ID) { diff --git a/codegen/aws-sdk-codegen/src/main/resources/META-INF/services/software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration b/codegen/aws-sdk-codegen/src/main/resources/META-INF/services/software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration index 408dfca0d08..1eeb8f5a1d3 100644 --- a/codegen/aws-sdk-codegen/src/main/resources/META-INF/services/software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration +++ b/codegen/aws-sdk-codegen/src/main/resources/META-INF/services/software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration @@ -38,4 +38,4 @@ aws.sdk.kotlin.codegen.customization.ec2.EC2MakePrimitivesOptional aws.sdk.kotlin.codegen.customization.RemoveDefaults aws.sdk.kotlin.codegen.customization.s3.UnsupportedSigningAlgorithmIntegration aws.sdk.kotlin.codegen.customization.SigV4AsymmetricTraitCustomization -aws.sdk.kotlin.codegen.customization.cloudfrontkeyvaluestore.CloudFrontKeyValueStoreSigV4APrioritizationCustomization +aws.sdk.kotlin.codegen.customization.cloudfrontkeyvaluestore.BackfillSigV4ACustomization From 5184124bee7515f1cd294be3b5c7396a0997909f Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Tue, 23 Jan 2024 16:33:45 -0500 Subject: [PATCH 12/14] Remove lonely comment --- .../cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt | 2 -- 1 file changed, 2 deletions(-) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt index f886ae13074..8143173acd6 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt @@ -20,8 +20,6 @@ import software.amazon.smithy.model.transform.ModelTransformer * prioritized list. */ class BackfillSigV4ACustomization : KotlinIntegration { - // Runs after SigV4AsymmetricTraitCustomization (-60) and before `SigV4AsymmetricAuthSchemeIntegration`(-50) and `SigV4AuthSchemeIntegration` (-50) - override fun enabledForService(model: Model, settings: KotlinSettings): Boolean = settings.sdkId.lowercase() == "cloudfront keyvaluestore" override fun preprocessModel(model: Model, settings: KotlinSettings): Model = From 17ab7d90ca2f681a17be33b96aa7f904950cc52b Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Tue, 23 Jan 2024 16:38:56 -0500 Subject: [PATCH 13/14] Add a check when applying the SigV4A trait --- .../SigV4AsymmetricTraitCustomization.kt | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt index aa12096172b..6dad39c281b 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/SigV4AsymmetricTraitCustomization.kt @@ -10,6 +10,7 @@ import software.amazon.smithy.aws.traits.auth.SigV4Trait import software.amazon.smithy.kotlin.codegen.KotlinSettings import software.amazon.smithy.kotlin.codegen.integration.KotlinIntegration import software.amazon.smithy.kotlin.codegen.model.getTrait +import software.amazon.smithy.kotlin.codegen.model.hasTrait import software.amazon.smithy.model.Model import software.amazon.smithy.model.shapes.ServiceShape import software.amazon.smithy.model.traits.AuthTrait @@ -35,11 +36,14 @@ class SigV4AsymmetricTraitCustomization : KotlinIntegration { when (shape.isServiceShape) { true -> { val builder = (shape as ServiceShape).toBuilder() - builder.addTrait( - SigV4ATrait.builder() - .name(shape.getTrait()?.name ?: shape.getTrait()?.arnNamespace) - .build(), - ) + + if (!shape.hasTrait()) { + builder.addTrait( + SigV4ATrait.builder() + .name(shape.getTrait()?.name ?: shape.getTrait()?.arnNamespace) + .build(), + ) + } // SigV4A is added at the end because these services model SigV4A through endpoint rules instead of the service shape. // Because of that, SigV4A can apply to any operation, and the safest thing to do is add it at the end From 77617665380316b13120988c9b8170b69407f500 Mon Sep 17 00:00:00 2001 From: Matas Lauzadis Date: Tue, 23 Jan 2024 16:39:14 -0500 Subject: [PATCH 14/14] ktlint --- .../cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt index 8143173acd6..fe74bc88003 100644 --- a/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt +++ b/codegen/aws-sdk-codegen/src/main/kotlin/aws/sdk/kotlin/codegen/customization/cloudfrontkeyvaluestore/BackfillSigV4ACustomization.kt @@ -31,7 +31,7 @@ class BackfillSigV4ACustomization : KotlinIntegration { builder.addTrait( SigV4ATrait.builder() .name(shape.getTrait()?.name ?: shape.getTrait()?.arnNamespace) - .build(), + .build(), ) val authTraitValueSet = shape.getTrait()?.valueSet ?: mutableSetOf()