fix!: Exposes a sync init for client configs (#957)

* Exposes a sync init for client configs

* regens models for new client config inits

* Fixes swiftlint issues

* regens models

Sources/Core/AWSClientRuntime/AWSClientConfiguration.swift

@@ -6,7 +6,7 @@
 import ClientRuntime
 
 public protocol AWSRuntimeConfiguration {
-    var credentialsProvider: CredentialsProvider { get set }
+    var credentialsProvider: CredentialsProviding { get set }
     var region: String? { get set }
     var signingRegion: String? {get set}
     var regionResolver: RegionResolver? {get set}

Sources/Core/AWSClientRuntime/Auth/CredentialsProviders/CachedCredentialsProvider.swift

@@ -0,0 +1,32 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+import AwsCommonRuntimeKit
+import ClientRuntime
+import Foundation
+
+///  A credentials provider that caches the credentials sourced from the provided credentials provider.
+public struct CachedCredentialsProvider: CredentialsSourcedByCRT {
+    let crtCredentialsProvider: CRTCredentialsProvider
+
+    /// Creates a credentials provider that caches the credentials sourced from the provided credentials provider.
+    /// Credentials sourced through this provider will be cached within it until their expiration time.
+    /// When the cached credentials expire, new credentials will be fetched when next queried.
+    ///
+    /// - Parameters:
+    ///   - source: The source credentials provider to get the credentials.
+    ///   - refreshTime: The number of seconds that must pass before new credentials will be fetched again.
+    public init(
+        source: CredentialsProviding,
+        refreshTime: TimeInterval
+    ) throws {
+        self.crtCredentialsProvider = try CRTCredentialsProvider(source: .cached(
+            source: try source.getCRTCredentialsProvider(),
+            refreshTime: refreshTime
+        ))
+    }
+}

Sources/Core/AWSClientRuntime/Auth/CredentialsProviders/CustomCredentialsProvider.swift

@@ -0,0 +1,26 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+import AwsCommonRuntimeKit
+import ClientRuntime
+import Foundation
+
+/// Creates a credentials provider that uses the provided the object confirming to `CredentialsProviding` to source the credentials.
+struct CustomCredentialsProvider: CredentialsSourcedByCRT {
+    let crtCredentialsProvider: CRTCredentialsProvider
+
+    /// Creates a credentials provider that uses the provided the object confirming to `CredentialsProviding` to source the credentials.
+    ///
+    /// - Parameter provider: An object confirming to `CredentialsProviding` to source the credentials.
+    ///
+    /// - Returns: A credentials provider that uses the provided the object confirming to `CredentialsProviding` to source the credentials.
+    init(_ provider: CredentialsProviding) throws {
+        self.crtCredentialsProvider = try CRTCredentialsProvider(
+            provider: CredentialsProvidingCRTAdapter(credentialsProvider: provider)
+        )
+    }
+}

Sources/Core/AWSClientRuntime/Auth/CredentialsProviders/DefaultChainCredentialsProvider.swift

@@ -0,0 +1,39 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+import AwsCommonRuntimeKit
+import ClientRuntime
+import Foundation
+
+/// A credential provider that uses the default AWS credential provider chain used by most AWS SDKs.
+/// This is provider is by default when no credential provider is provided when creating a service client.
+///
+/// The chain resolves in the following order:
+/// 1. Environment
+/// 2. Profile
+/// 3. Web Identity Tokens (STS Web Identity)
+/// 4. ECS (IAM roles for tasks)
+/// 5. EC2 Instance Metadata (IMDSv2)
+///
+/// The credentials retrieved from the chain are cached for 15 minutes.
+public struct DefaultChainCredentialsProvider: CredentialsSourcedByCRT {
+    let crtCredentialsProvider: CRTCredentialsProvider
+
+    /// Creates a credential provider that uses the default AWS credential provider chain used by most AWS SDKs.
+    public init() throws {
+        let fileBasedConfig = try CRTFileBasedConfiguration()
+        try self.init(fileBasedConfig: fileBasedConfig)
+    }
+
+    @_spi(FileBasedConfig)
+    public init(fileBasedConfig: CRTFileBasedConfiguration) throws {
+        self.crtCredentialsProvider = try CRTCredentialsProvider(source: .defaultChain(
+            bootstrap: SDKDefaultIO.shared.clientBootstrap,
+            fileBasedConfiguration: fileBasedConfig
+        ))
+    }
+}

Sources/Core/AWSClientRuntime/Auth/CredentialsProviders/EnvironmentCredentialsProvider.swift

@@ -0,0 +1,26 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+import AwsCommonRuntimeKit
+import ClientRuntime
+import Foundation
+
+/// A credentials provider that sources credentials from the following environment variables:
+/// - `AWS_ACCESS_KEY_ID`
+/// - `AWS_SECRET_ACCESS_KEY`
+/// - `AWS_SESSION_TOKEN`
+public struct EnvironmentCredentialsProvider: CredentialsSourcedByCRT {
+    let crtCredentialsProvider: CRTCredentialsProvider
+
+    /// Creates a credentials provider that sources credentials from the following environment variables:
+    /// - `AWS_ACCESS_KEY_ID`
+    /// - `AWS_SECRET_ACCESS_KEY`
+    /// - `AWS_SESSION_TOKEN`
+    public init() throws {
+        self.crtCredentialsProvider = try CRTCredentialsProvider(source: .environment())
+    }
+}

Sources/Core/AWSClientRuntime/Auth/CredentialsProviders/ProfileCredentialsProvider.swift

@@ -0,0 +1,66 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+import AwsCommonRuntimeKit
+import ClientRuntime
+import Foundation
+
+/// A credentials provider that gets credentials from a profile in `~/.aws/config` or the shared credentials file `~/.aws/credentials`.
+/// The profile name and the  locations of these files are configurable via the initializer and environment variables
+///
+/// This provider supports several credentials formats:
+/// ### Credentials defined explicitly within the file
+/// ```ini
+/// [default]
+/// aws_access_key_id = my-access-key
+/// aws_secret_access_key = my-secret
+/// ```
+///
+/// ### Assumed role credentials loaded from a credential source
+/// ```ini
+/// [default]
+/// role_arn = arn:aws:iam:123456789:role/RoleA
+/// credential_source = Environment
+/// ```
+///
+/// ### Assumed role credentials from a source profile
+/// ```ini
+/// [default]
+/// role_arn = arn:aws:iam:123456789:role/RoleA
+/// source_profile = base
+///
+/// [profile base]
+/// aws_access_key_id = my-access-key
+/// aws_secret_access_key = my-secret
+/// ```
+///
+/// For more complex configurations see [Configuration and credential file settings](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html)
+public struct ProfileCredentialsProvider: CredentialsSourcedByCRT {
+    let crtCredentialsProvider: CRTCredentialsProvider
+
+    /// Creates a credentials provider that gets credentials from a profile in `~/.aws/config` or the shared credentials file `~/.aws/credentials`.
+    ///
+    /// - Parameters:
+    ///   - profileName: The profile name to use. If not provided it will be resolved internally via the `AWS_PROFILE` environment variable or defaulted to `default` if not configured.
+    ///   - configFilePath: The path to the configuration file to use. If not provided it will be resolved internally via the `AWS_CONFIG_FILE` environment variable or defaulted  to `~/.aws/config` if not configured.
+    ///   - credentialsFilePath: The path to the shared credentials file to use. If not provided it will be resolved internally via the `AWS_SHARED_CREDENTIALS_FILE` environment variable or defaulted `~/.aws/credentials` if not configured.
+    public init(
+        profileName: String? = nil,
+        configFilePath: String? = nil,
+        credentialsFilePath: String? = nil
+    ) throws {
+        let fileBasedConfig = try CRTFileBasedConfiguration(
+            configFilePath: configFilePath,
+            credentialsFilePath: credentialsFilePath
+        )
+        self.crtCredentialsProvider = try CRTCredentialsProvider(source: .profile(
+            bootstrap: SDKDefaultIO.shared.clientBootstrap,
+            fileBasedConfiguration: fileBasedConfig,
+            profileFileNameOverride: profileName
+        ))
+    }
+}

Sources/Core/AWSClientRuntime/Auth/CredentialsProviders/STSAssumeRoleCredentialsProvider.swift

@@ -0,0 +1,43 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+import AwsCommonRuntimeKit
+import ClientRuntime
+import Foundation
+
+/// A credential provider that uses another provider to assume a role from the AWS Security Token Service (STS).
+///
+/// When asked to provide credentials, this provider will first invoke the inner credentials provider to get AWS credentials for STS.
+/// Then, it will call STS to get assumed credentials for the desired role.
+///
+/// For more information see [Assume role credential provider](https://docs.aws.amazon.com/sdkref/latest/guide/feature-assume-role-credentials.html)
+public struct STSAssumeRoleCredentialsProvider: CredentialsSourcedByCRT {
+    let crtCredentialsProvider: CRTCredentialsProvider
+
+    /// Creates a credential provider that uses another provider to assume a role from the AWS Security Token Service (STS).
+    ///
+    /// - Parameters:
+    ///   - credentialsProvider: The underlying credentials provider to be used to sign the requests made to STS
+    ///   - roleArn: The ARN of the target role to assume, e.g. `arn:aws:iam:123456789:role/example`
+    ///   - sessionName: The name to associate with the session. This is used to uniquely identify a session when the same role is assumed by different principals or for different reasons. In cross-account scenarios, the session name is visible to, and can be logged by the account that owns the role. The role session name is also in the ARN of the assumed role principal.
+    ///   - durationSeconds: The expiry duration of the STS credentials. Defaults to 15 minutes if not set.
+    public init(
+        credentialsProvider: CredentialsProviding,
+        roleArn: String,
+        sessionName: String,
+        durationSeconds: TimeInterval = .minutes(15)
+    ) throws {
+        self.crtCredentialsProvider = try CRTCredentialsProvider(source: .sts(
+            bootstrap: SDKDefaultIO.shared.clientBootstrap,
+            tlsContext: SDKDefaultIO.shared.tlsContext,
+            credentialsProvider: try credentialsProvider.getCRTCredentialsProvider(),
+            roleArn: roleArn,
+            sessionName: sessionName,
+            duration: durationSeconds
+        ))
+    }
+}