feat!: SRA Identity & Auth (#665)

* chore: Add new identity protocols. (#594)

* Add new identity protocols.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* chore: Add signer protocol. (#598)

* Add signer protocol & refactor HttpContext

---------

Co-authored-by: Sichan Yoo <[email protected]>

* feat: Auth scheme changes (#601)

* Add signer protocol.

* Add http context changes.
---------

Co-authored-by: Sichan Yoo <[email protected]>

* feat: middleware changes (#605)

* Add middlewares - AuthSchemeMiddleware and SignerMiddleware

* Provide hook in auth scheme for signing properties customization.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* feat: codegen changes (#609)

* Add codegen for service specific auth scheme resolver protocol, service specific default auth scheme resolver struct, and service specific auth scheme resolver parameters struct.

* Make ASR throw if passed in ASR params doesn't have region field for SigV4 auth scheme & fix ktlint issues.

* Clean up middlewares.

* Remove auth scheme and signing middlewares from operation stack of protocol tests.

* Update test cases to include new middlewares.

* Codegen more descriptive comment for empty service specific auth scheme resolver protocol.

* Add codegen test for auth scheme resolver generation.

* Move region in middleware context from sdk side to smithy side.

* Remove AWSClientRuntime dependency - signingProperties will be set in auth scheme customization hooks instead.

* Move auth schemes from service specific config to general AWS config.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* chore: update epic branch with new changes in main (#617)

* chore: Require Swift 5.7, fix deprecation warnings (#600)

* feat: support initial-response in RPC based event streams (#597)

* chore: Updates version to 0.32.0

* chore: Add newline to README.md (#602)

* feat: add limited support in smithy-swift for visionOS (#606)

* feat: add support for requiresLength trait and Transfer-Encoding: Chunked (#604)

* chore: Update to aws-crt-swift 0.15.0 (#607)

* fix: content-length middleware should not error on event streams (#608)

* chore: Updates version to 0.33.0

* chore: Improved downstream task (#568)

* chore: Convert idempotency token middleware from closure to reusable type (#610)

* fix: Update aws-crt-swift dependency to 0.17.0 (#612)

* chore: Updates version to 0.34.0

* fix: Endpoint url should be nil if host or scheme is missing (#614)

* fix: Pool HTTP connections based on scheme, host, and port (#615)

* add default log level to initialize method (#616)

* feat: add utility method for converting SdkHttpRequest to URLRequest. (#613)

* Add extension constructor to URLRequest to convert SDKHttpRequest

* Add preprocessor conditional import functionality to SwiftWriter.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* chore: Updates version to 0.35.0

* Update test cases added from main to reflect sra identity & auth fields in middleware context & sra identity & auth middlewares in operation stack.

---------

Co-authored-by: Josh Elkins <[email protected]>
Co-authored-by: David Yaffe <[email protected]>
Co-authored-by: AWS SDK Swift Automation <[email protected]>
Co-authored-by: Cyprien Ricque <[email protected]>
Co-authored-by: Sichan Yoo <[email protected]>

* feat: customizations (#618)

* Add customizations to auth resolve process.

* Add signEvent API to Signer protocol, and rename sign to signRequest.

* Resolve PR comments.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* chore: merge most recent main into I&A project branch (#638)

* chore: Require Swift 5.7, fix deprecation warnings (#600)

* feat: support initial-response in RPC based event streams (#597)

* chore: Updates version to 0.32.0

* chore: Add newline to README.md (#602)

* feat: add limited support in smithy-swift for visionOS (#606)

* feat: add support for requiresLength trait and Transfer-Encoding: Chunked (#604)

* chore: Update to aws-crt-swift 0.15.0 (#607)

* fix: content-length middleware should not error on event streams (#608)

* chore: Updates version to 0.33.0

* chore: Improved downstream task (#568)

* chore: Convert idempotency token middleware from closure to reusable type (#610)

* fix: Update aws-crt-swift dependency to 0.17.0 (#612)

* chore: Updates version to 0.34.0

* fix: Endpoint url should be nil if host or scheme is missing (#614)

* fix: Pool HTTP connections based on scheme, host, and port (#615)

* add default log level to initialize method (#616)

* feat: add utility method for converting SdkHttpRequest to URLRequest. (#613)

* Add extension constructor to URLRequest to convert SDKHttpRequest

* Add preprocessor conditional import functionality to SwiftWriter.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* chore: Updates version to 0.35.0

* fix: Add a header to operation doc comments (#621)

* remove unnecessary TODOs (#622)

* fix: Codegen issues re: recursion, Swift keywords in unions (#623)

* feat!: Replace the XML encoder with a custom Smithy implementation (#619)

* feat!: Use closures for processing HTTP response (#624)

* feat: add custom trait PaginationTruncationMember (#625)

* allow isTruncated to be optional bool (#626)

* chore: Updates version to 0.36.0

* chore: Run tvOS old & new in CI (#628)

* fix: Fix Package.swift warning on Mac (#629)

* chore: refactor HttpBody and ByteStream to be a single class ByteStream (#627)

* chore: remove sync read in unused data extension (#630)

* update smithy to 1.42.0 (#631)

* chore: Updates version to 0.37.0

* chore: Update to aws-crt-swift 0.20.0 (#633)

* fix: add back from method with fileHandle (#635)

* fix!: Add no-op behavior for initialize methods of logging system. (#637)

* Add no-op behavior for initialize methods if it isn't the first time being called.

* Make LockingSystem threadsafe.

* Make initialize methods async.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* feat!: URLSession-based HTTP Client (#636)

* Delete missed merge conflict marker.

---------

Co-authored-by: Josh Elkins <[email protected]>
Co-authored-by: David Yaffe <[email protected]>
Co-authored-by: AWS SDK Swift Automation <[email protected]>
Co-authored-by: Cyprien Ricque <[email protected]>
Co-authored-by: Sichan Yoo <[email protected]>

* feat: tie up some loose ends (#645)

* Rename runtime type and file in Kotlin side to match corresponding type in Swift side, now both called SignerMiddleware.

* Change DefaultIdentityResolverConfiguration's identity resolvers member field to be Attributes so it can store multiple types of identity resolvers and return one with matching identity type. Necessary for supporting multiple types of identities down the line.

* Detect newly added SigV4a trait and handle accordingly.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* chore: Merge updates from main into project epic branch (#658)

* chore: Require Swift 5.7, fix deprecation warnings (#600)

* feat: support initial-response in RPC based event streams (#597)

* chore: Updates version to 0.32.0

* chore: Add newline to README.md (#602)

* feat: add limited support in smithy-swift for visionOS (#606)

* feat: add support for requiresLength trait and Transfer-Encoding: Chunked (#604)

* chore: Update to aws-crt-swift 0.15.0 (#607)

* fix: content-length middleware should not error on event streams (#608)

* chore: Updates version to 0.33.0

* chore: Improved downstream task (#568)

* chore: Convert idempotency token middleware from closure to reusable type (#610)

* fix: Update aws-crt-swift dependency to 0.17.0 (#612)

* chore: Updates version to 0.34.0

* fix: Endpoint url should be nil if host or scheme is missing (#614)

* fix: Pool HTTP connections based on scheme, host, and port (#615)

* add default log level to initialize method (#616)

* feat: add utility method for converting SdkHttpRequest to URLRequest. (#613)

* Add extension constructor to URLRequest to convert SDKHttpRequest

* Add preprocessor conditional import functionality to SwiftWriter.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* chore: Updates version to 0.35.0

* fix: Add a header to operation doc comments (#621)

* remove unnecessary TODOs (#622)

* fix: Codegen issues re: recursion, Swift keywords in unions (#623)

* feat!: Replace the XML encoder with a custom Smithy implementation (#619)

* feat!: Use closures for processing HTTP response (#624)

* feat: add custom trait PaginationTruncationMember (#625)

* allow isTruncated to be optional bool (#626)

* chore: Updates version to 0.36.0

* chore: Run tvOS old & new in CI (#628)

* fix: Fix Package.swift warning on Mac (#629)

* chore: refactor HttpBody and ByteStream to be a single class ByteStream (#627)

* chore: remove sync read in unused data extension (#630)

* update smithy to 1.42.0 (#631)

* chore: Updates version to 0.37.0

* chore: Update to aws-crt-swift 0.20.0 (#633)

* fix: add back from method with fileHandle (#635)

* fix!: Add no-op behavior for initialize methods of logging system. (#637)

* Add no-op behavior for initialize methods if it isn't the first time being called.

* Make LockingSystem threadsafe.

* Make initialize methods async.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* feat!: URLSession-based HTTP Client (#636)

* bump up CRT version to 0.22.0 (#639)

* chore: Update version to 0.38.0 (#641)

* chore: Empty commit (#643)

* feat: add wrapper for checksums + unit tests (#642)

* feat: Use the Foundation HTTP client by default on Mac (#646)

* chore: Updates version to 0.39.0

* chore: Change MyURLQueryItem to SDKURLQueryItem (#652)

* feat!: Provide HTTP request components by closure instead of protocol (#654)

* fix: Don't retry modeled errors by default (#653)

* Missed merge conflict marker - deleted.

---------

Co-authored-by: Josh Elkins <[email protected]>
Co-authored-by: David Yaffe <[email protected]>
Co-authored-by: AWS SDK Swift Automation <[email protected]>
Co-authored-by: Cyprien Ricque <[email protected]>
Co-authored-by: Sichan Yoo <[email protected]>

* feat: test-suite (#651)

* chore: Require Swift 5.7, fix deprecation warnings (#600)

* feat: support initial-response in RPC based event streams (#597)

* chore: Updates version to 0.32.0

* chore: Add newline to README.md (#602)

* feat: add limited support in smithy-swift for visionOS (#606)

* feat: add support for requiresLength trait and Transfer-Encoding: Chunked (#604)

* chore: Update to aws-crt-swift 0.15.0 (#607)

* fix: content-length middleware should not error on event streams (#608)

* chore: Updates version to 0.33.0

* chore: Improved downstream task (#568)

* chore: Convert idempotency token middleware from closure to reusable type (#610)

* fix: Update aws-crt-swift dependency to 0.17.0 (#612)

* chore: Updates version to 0.34.0

* fix: Endpoint url should be nil if host or scheme is missing (#614)

* fix: Pool HTTP connections based on scheme, host, and port (#615)

* add default log level to initialize method (#616)

* feat: add utility method for converting SdkHttpRequest to URLRequest. (#613)

* Add extension constructor to URLRequest to convert SDKHttpRequest

* Add preprocessor conditional import functionality to SwiftWriter.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* chore: Updates version to 0.35.0

* Add customizations to auth resolve process.

Add internal modeled layer for services (S3, EventBridge) that use rules-based auth scheme resolver.

Rules-based auth scheme resolver work wrap-up.

Wrap-up presign / presign-url refactor.

Wrap-up refactor for fitting in rules-based auth scheme resolver.

Update test cases to include new middlewares.

Move requestSignature getter / setter/ key from aws middleware context extension to here. Also, add saving requestSignature to SignerMiddleware for consumption by event stream signing.

* Add signEvent API to Signer protocol, and rename sign to signRequest.

* Add mock auth scheme resolver, mock auth schemes, mock identity, mock identity resolver, and mock signer to use for middleware unit tests.

* Add unit tests for AuthSchemeMiddleware and SignerMiddleware.

* Update MockSigner to conform to modified Signer API with signEvent.

* Rename directory containing mocks for auth tests from AuthTest to AuthTestUtil.

* fix: Add a header to operation doc comments (#621)

* remove unnecessary TODOs (#622)

* fix: Codegen issues re: recursion, Swift keywords in unions (#623)

* feat!: Replace the XML encoder with a custom Smithy implementation (#619)

* feat!: Use closures for processing HTTP response (#624)

* feat: add custom trait PaginationTruncationMember (#625)

* allow isTruncated to be optional bool (#626)

* chore: Updates version to 0.36.0

* chore: Run tvOS old & new in CI (#628)

* fix: Fix Package.swift warning on Mac (#629)

* chore: refactor HttpBody and ByteStream to be a single class ByteStream (#627)

* chore: remove sync read in unused data extension (#630)

* update smithy to 1.42.0 (#631)

* chore: Updates version to 0.37.0

* chore: Update to aws-crt-swift 0.20.0 (#633)

* fix: add back from method with fileHandle (#635)

* fix!: Add no-op behavior for initialize methods of logging system. (#637)

* Add no-op behavior for initialize methods if it isn't the first time being called.

* Make LockingSystem threadsafe.

* Make initialize methods async.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* feat!: URLSession-based HTTP Client (#636)

* bump up CRT version to 0.22.0 (#639)

* chore: Update version to 0.38.0 (#641)

* chore: Empty commit (#643)

* feat: add wrapper for checksums + unit tests (#642)

* Update to reflect midleware generics change.

* Delete unnessary line from test case.

* Add CloudFront KeyValueStore as one of the services that use rules based auth scheme resolver customization.

* feat: Use the Foundation HTTP client by default on Mac (#646)

* chore: Updates version to 0.39.0

* Fix auth scheme middleware to save the selected auth scheme to middleware context by modifying the original context. Fixes transcribe streaming integration test where streaming signing flow was only accessing the original context and not the newly built one with selected auth scheme that was being passed to next middleware in line.

* chore: Change MyURLQueryItem to SDKURLQueryItem (#652)

* feat!: Provide HTTP request components by closure instead of protocol (#654)

* fix: Don't retry modeled errors by default (#653)

* Address Josh's PR comments.

* Merge updated CRT version from main into feat/test-suite.

---------

Co-authored-by: Josh Elkins <[email protected]>
Co-authored-by: David Yaffe <[email protected]>
Co-authored-by: AWS SDK Swift Automation <[email protected]>
Co-authored-by: Cyprien Ricque <[email protected]>
Co-authored-by: Sichan Yoo <[email protected]>

* chore: Merge latest changes from main into SRA I&A (#662)

* chore: Require Swift 5.7, fix deprecation warnings (#600)

* feat: support initial-response in RPC based event streams (#597)

* chore: Updates version to 0.32.0

* chore: Add newline to README.md (#602)

* feat: add limited support in smithy-swift for visionOS (#606)

* feat: add support for requiresLength trait and Transfer-Encoding: Chunked (#604)

* chore: Update to aws-crt-swift 0.15.0 (#607)

* fix: content-length middleware should not error on event streams (#608)

* chore: Updates version to 0.33.0

* chore: Improved downstream task (#568)

* chore: Convert idempotency token middleware from closure to reusable type (#610)

* fix: Update aws-crt-swift dependency to 0.17.0 (#612)

* chore: Updates version to 0.34.0

* fix: Endpoint url should be nil if host or scheme is missing (#614)

* fix: Pool HTTP connections based on scheme, host, and port (#615)

* add default log level to initialize method (#616)

* feat: add utility method for converting SdkHttpRequest to URLRequest. (#613)

* Add extension constructor to URLRequest to convert SDKHttpRequest

* Add preprocessor conditional import functionality to SwiftWriter.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* chore: Updates version to 0.35.0

* fix: Add a header to operation doc comments (#621)

* remove unnecessary TODOs (#622)

* fix: Codegen issues re: recursion, Swift keywords in unions (#623)

* feat!: Replace the XML encoder with a custom Smithy implementation (#619)

* feat!: Use closures for processing HTTP response (#624)

* feat: add custom trait PaginationTruncationMember (#625)

* allow isTruncated to be optional bool (#626)

* chore: Updates version to 0.36.0

* chore: Run tvOS old & new in CI (#628)

* fix: Fix Package.swift warning on Mac (#629)

* chore: refactor HttpBody and ByteStream to be a single class ByteStream (#627)

* chore: remove sync read in unused data extension (#630)

* update smithy to 1.42.0 (#631)

* chore: Updates version to 0.37.0

* chore: Update to aws-crt-swift 0.20.0 (#633)

* fix: add back from method with fileHandle (#635)

* fix!: Add no-op behavior for initialize methods of logging system. (#637)

* Add no-op behavior for initialize methods if it isn't the first time being called.

* Make LockingSystem threadsafe.

* Make initialize methods async.

---------

Co-authored-by: Sichan Yoo <[email protected]>

* feat!: URLSession-based HTTP Client (#636)

* bump up CRT version to 0.22.0 (#639)

* chore: Update version to 0.38.0 (#641)

* chore: Empty commit (#643)

* feat: add wrapper for checksums + unit tests (#642)

* feat: Use the Foundation HTTP client by default on Mac (#646)

* chore: Updates version to 0.39.0

* chore: Change MyURLQueryItem to SDKURLQueryItem (#652)

* feat!: Provide HTTP request components by closure instead of protocol (#654)

* fix: Don't retry modeled errors by default (#653)

* feat!: Eliminate service client protocols (#655)

* feat: add support for flexible checksums on Normal payloads (#647)

* chore: Update aws-crt-swift to 0.26.0 (#661)

---------

Co-authored-by: Josh Elkins <[email protected]>
Co-authored-by: David Yaffe <[email protected]>
Co-authored-by: AWS SDK Swift Automation <[email protected]>
Co-authored-by: Cyprien Ricque <[email protected]>
Co-authored-by: Sichan Yoo <[email protected]>

* Change package import statements for AuthSchemeResolverGeneratorTests.kt to match other codegen tests in the repo.

* Just for readability & understandability, match order of statements that add middlewares to middleware execution generator with the acutal order in codegen output.

* Add documentation for MiddlewareExecutionGenerator.ContextAttributeCodegenFlowType.

* Change getSize() of Attributes struct to a computed property.

* Factor out and delete IdentityKind enum & use scheme ID instead to determine which identity resolver to return for a given auth scheme in default identity resolver config.

* Change auth scheme middleware tests to reflect removal of IdentityKind.

* Revert back codegen middleware stack order and add clarifying comment.

* Change getOrNull() to orElseNull(null) in auth scheme resolver generator.

* Add authSchemes & authSchemeResolver config properties to swift & kotlins sides. Refactor client runtime types for SRA auth for better organization.

* Remove unused generic from AuthSchemeMiddleware and SignerMiddleware, then update codegen and codgen tests accordingly.

* Fix errors found by generating SDK code.

* Fix ktlint.

* Fix error caught from CI. Updating SignerMiddleware's name property to SignerMiddleware from SigningMiddleware caused it to not be removed properly for generating protocol tests.

* Move default auth scheme resolve logic from runtime to codegen following Steven's feedback on aws-sdk-swift PR.

* Address Josh's minor comments.

---------

Co-authored-by: Sichan Yoo <[email protected]>
Co-authored-by: Josh Elkins <[email protected]>
Co-authored-by: David Yaffe <[email protected]>
Co-authored-by: AWS SDK Swift Automation <[email protected]>
Co-authored-by: Cyprien Ricque <[email protected]>

README.md

@@ -28,3 +28,4 @@ This project is licensed under the Apache-2.0 License.
 
 See [CONTRIBUTING](CONTRIBUTING.md) for more information.
 
+

Sources/ClientRuntime/Auth/HTTPAuth/DefaultIdentityResolverConfiguration.swift

@@ -0,0 +1,18 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+public struct DefaultIdentityResolverConfiguration: IdentityResolverConfiguration {
+    let identityResolvers: Attributes
+
+    public init(configuredIdResolvers: Attributes) {
+        self.identityResolvers = configuredIdResolvers
+    }
+
+    func getIdentityResolver(schemeID: String) throws -> (any IdentityResolver)? {
+        return self.identityResolvers.get(key: AttributeKey<any IdentityResolver>(name: schemeID))
+    }
+}

Sources/ClientRuntime/Auth/HTTPAuthAPI/AuthOption.swift

@@ -0,0 +1,22 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+public struct AuthOption {
+    let schemeID: String
+    public var identityProperties: Attributes
+    public var signingProperties: Attributes
+
+    public init (
+        schemeID: String,
+        identityProperties: Attributes = Attributes(),
+        signingProperties: Attributes = Attributes()
+    ) {
+        self.schemeID = schemeID
+        self.identityProperties = identityProperties
+        self.signingProperties = signingProperties
+    }
+}

Sources/ClientRuntime/Auth/HTTPAuthAPI/AuthScheme.swift

@@ -0,0 +1,20 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+public protocol AuthScheme {
+    var schemeID: String { get }
+    var signer: Signer { get }
+
+    // Hook used by AuthSchemeMiddleware that allows signing properties customization, if needed by an auth scheme
+    func customizeSigningProperties(signingProperties: Attributes, context: HttpContext) throws -> Attributes
+}
+
+extension AuthScheme {
+    func identityResolver(config: IdentityResolverConfiguration) throws -> (any IdentityResolver)? {
+        return try config.getIdentityResolver(schemeID: self.schemeID)
+    }
+}

Sources/ClientRuntime/Auth/HTTPAuthAPI/AuthSchemeResolver.swift

@@ -0,0 +1,11 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+public protocol AuthSchemeResolver {
+    func resolveAuthScheme(params: AuthSchemeResolverParameters) throws -> [AuthOption]
+    func constructParameters(context: HttpContext) throws -> AuthSchemeResolverParameters
+}

Sources/ClientRuntime/Auth/HTTPAuthAPI/AuthSchemeResolverParameters.swift

@@ -0,0 +1,10 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+public protocol AuthSchemeResolverParameters {
+    var operation: String { get }
+}

Sources/ClientRuntime/Auth/HTTPAuthAPI/IdentityResolverConfiguration.swift

@@ -0,0 +1,10 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+protocol IdentityResolverConfiguration {
+    func getIdentityResolver(schemeID: String) throws -> (any IdentityResolver)?
+}

Sources/ClientRuntime/Auth/HTTPAuthAPI/SelectedAuthScheme.swift

@@ -0,0 +1,20 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+public struct SelectedAuthScheme {
+    public let schemeID: String
+    public let identity: Identity?
+    public let signingProperties: Attributes?
+    public let signer: Signer?
+
+    public init(schemeID: String, identity: Identity?, signingProperties: Attributes?, signer: Signer?) {
+        self.schemeID = schemeID
+        self.identity = identity
+        self.signingProperties = signingProperties
+        self.signer = signer
+    }
+}

Sources/ClientRuntime/Auth/HTTPAuthAPI/Signer.swift

@@ -0,0 +1,30 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+public protocol Signer {
+    func signRequest<IdentityT: Identity>(
+        requestBuilder: SdkHttpRequestBuilder,
+        identity: IdentityT,
+        signingProperties: Attributes
+    ) async throws -> SdkHttpRequestBuilder
+
+    func signEvent(
+        payload: Data,
+        previousSignature: String,
+        signingProperties: Attributes
+    ) async throws -> SigningResult<EventStream.Message>
+}
+
+public struct SigningResult<T> {
+    public let output: T
+    public let signature: String
+
+    public init(output: T, signature: String) {
+        self.output = output
+        self.signature = signature
+    }
+}

Sources/ClientRuntime/Config/DefaultHttpClientConfiguration.swift

@@ -16,5 +16,13 @@ public protocol DefaultHttpClientConfiguration: ClientConfiguration {
     /// Configuration for the HTTP client.
     var httpClientConfiguration: HttpClientConfiguration { get }
 
-    /// TODO: Add auth scheme
+    /// List of auth schemes to use for client calls.
+    ///
+    /// Defaults to auth schemes defined on the Smithy service model.
+    var authSchemes: [ClientRuntime.AuthScheme]? { get set }
+
+    /// The auth scheme resolver to use for resolving auth scheme.
+    ///
+    /// Defaults to a auth scheme resolver generated based on Smithy service model.
+    var authSchemeResolver: ClientRuntime.AuthSchemeResolver { get set }
 }

Sources/ClientRuntime/Identity/IdentityAPI/Identity.swift

@@ -0,0 +1,11 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+// Base protocol for all identity types
+public protocol Identity {
+    var expiration: Date? { get }
+}

Sources/ClientRuntime/Identity/IdentityAPI/IdentityResolver.swift

@@ -0,0 +1,13 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+// Base protocol for all identity provider types
+public protocol IdentityResolver {
+    associatedtype IdentityT: Identity
+
+    func getIdentity(identityProperties: Attributes?) async throws -> IdentityT
+}

Sources/ClientRuntime/Middleware/Attribute.swift

@@ -21,6 +21,7 @@ public struct AttributeKey<ValueType> {
 /// Type safe property bag
 public struct Attributes {
     private var attributes = [String: Any]()
+    public var size: Int { attributes.count }
 
     public init() {}
 

Sources/ClientRuntime/Networking/HashFunction.swift

@@ -31,7 +31,6 @@ public enum HashFunction {
 
     static func fromList(_ stringArray: [String]) -> [HashFunction] {
         var hashFunctions = [HashFunction]()
-
         for string in stringArray {
             if let hashFunction = HashFunction.from(string: string) {
                 hashFunctions.append(hashFunction)