diff --git a/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/auth/AuthSchemeResolver.java b/core/sdk-core/src/main/java/software/amazon/awssdk/core/http/auth/AuthSchemeResolver.java similarity index 80% rename from core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/auth/AuthSchemeResolver.java rename to core/sdk-core/src/main/java/software/amazon/awssdk/core/http/auth/AuthSchemeResolver.java index 6348a85f33b9..ea0d8d6db9b7 100644 --- a/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/auth/AuthSchemeResolver.java +++ b/core/sdk-core/src/main/java/software/amazon/awssdk/core/http/auth/AuthSchemeResolver.java @@ -13,7 +13,7 @@ * permissions and limitations under the License. */ -package software.amazon.awssdk.core.internal.http.auth; +package software.amazon.awssdk.core.http.auth; import java.time.Duration; import java.util.ArrayList; @@ -22,13 +22,16 @@ import java.util.concurrent.CompletableFuture; import java.util.function.Supplier; import java.util.stream.Collectors; -import software.amazon.awssdk.annotations.SdkInternalApi; +import software.amazon.awssdk.annotations.SdkProtectedApi; +import software.amazon.awssdk.core.SdkRequest; import software.amazon.awssdk.core.SelectedAuthScheme; import software.amazon.awssdk.core.exception.SdkException; import software.amazon.awssdk.core.interceptor.ExecutionAttributes; import software.amazon.awssdk.core.interceptor.SdkInternalExecutionAttribute; import software.amazon.awssdk.core.internal.util.MetricUtils; import software.amazon.awssdk.core.metrics.CoreMetric; +import software.amazon.awssdk.core.spi.identity.AuthSchemeOptionsResolver; +import software.amazon.awssdk.core.spi.identity.IdentityProviderUpdater; import software.amazon.awssdk.http.auth.spi.scheme.AuthScheme; import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption; import software.amazon.awssdk.http.auth.spi.signer.HttpSigner; @@ -45,7 +48,7 @@ /** * Shared utility for selecting auth schemes from a list of options. */ -@SdkInternalApi +@SdkProtectedApi public final class AuthSchemeResolver { private static final Logger LOG = Logger.loggerFor(AuthSchemeResolver.class); @@ -53,6 +56,34 @@ public final class AuthSchemeResolver { private AuthSchemeResolver() { } + /** + * Resolve an auth scheme from execution attributes, applying any identity provider overrides. + * This is a convenience method for use by interceptors that need to resolve an auth scheme + * outside of the normal pipeline flow (e.g., presign interceptors). + * + * @param request The SDK request (may contain credential overrides) + * @param executionAttributes The execution attributes containing auth scheme resolution inputs + * @return The selected auth scheme + */ + public static SelectedAuthScheme resolveAuthScheme( + SdkRequest request, ExecutionAttributes executionAttributes) { + AuthSchemeOptionsResolver optionsResolver = + executionAttributes.getAttribute(SdkInternalExecutionAttribute.AUTH_SCHEME_OPTIONS_RESOLVER); + Map> authSchemes = + executionAttributes.getAttribute(SdkInternalExecutionAttribute.AUTH_SCHEMES); + IdentityProviders identityProviders = + executionAttributes.getAttribute(SdkInternalExecutionAttribute.IDENTITY_PROVIDERS); + + IdentityProviderUpdater updater = + executionAttributes.getAttribute(SdkInternalExecutionAttribute.IDENTITY_PROVIDER_UPDATER); + if (updater != null) { + identityProviders = updater.update(request, identityProviders, executionAttributes); + } + + List authOptions = optionsResolver.resolve(request); + return selectAuthScheme(authOptions, authSchemes, identityProviders, null); + } + /** * Select an auth scheme from the given options. * diff --git a/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/AuthSchemeResolutionStage.java b/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/AuthSchemeResolutionStage.java index b653db4ddd90..ebc42009ce7c 100644 --- a/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/AuthSchemeResolutionStage.java +++ b/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/AuthSchemeResolutionStage.java @@ -21,12 +21,12 @@ import software.amazon.awssdk.core.RequestOverrideConfiguration; import software.amazon.awssdk.core.SdkRequest; import software.amazon.awssdk.core.SelectedAuthScheme; +import software.amazon.awssdk.core.http.auth.AuthSchemeResolver; import software.amazon.awssdk.core.interceptor.ExecutionAttributes; import software.amazon.awssdk.core.interceptor.SdkExecutionAttribute; import software.amazon.awssdk.core.interceptor.SdkInternalExecutionAttribute; import software.amazon.awssdk.core.internal.http.HttpClientDependencies; import software.amazon.awssdk.core.internal.http.RequestExecutionContext; -import software.amazon.awssdk.core.internal.http.auth.AuthSchemeResolver; import software.amazon.awssdk.core.internal.http.pipeline.MutableRequestToRequestPipeline; import software.amazon.awssdk.core.spi.identity.AuthSchemeOptionsResolver; import software.amazon.awssdk.core.spi.identity.IdentityProviderUpdater; diff --git a/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/auth/AuthSchemeResolverTest.java b/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/auth/AuthSchemeResolverTest.java index 90c2cdf12008..a3afe853d0e8 100644 --- a/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/auth/AuthSchemeResolverTest.java +++ b/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/auth/AuthSchemeResolverTest.java @@ -31,6 +31,7 @@ import org.junit.jupiter.api.Test; import software.amazon.awssdk.core.SelectedAuthScheme; import software.amazon.awssdk.core.exception.SdkException; +import software.amazon.awssdk.core.http.auth.AuthSchemeResolver; import software.amazon.awssdk.core.interceptor.ExecutionAttributes; import software.amazon.awssdk.core.interceptor.SdkInternalExecutionAttribute; import software.amazon.awssdk.http.auth.spi.scheme.AuthScheme; diff --git a/services/docdb/src/main/java/software/amazon/awssdk/services/docdb/internal/RdsPresignInterceptor.java b/services/docdb/src/main/java/software/amazon/awssdk/services/docdb/internal/RdsPresignInterceptor.java index 55b0fd574e64..cd2c0d8c4de1 100644 --- a/services/docdb/src/main/java/software/amazon/awssdk/services/docdb/internal/RdsPresignInterceptor.java +++ b/services/docdb/src/main/java/software/amazon/awssdk/services/docdb/internal/RdsPresignInterceptor.java @@ -15,7 +15,6 @@ package software.amazon.awssdk.services.docdb.internal; -import static software.amazon.awssdk.core.interceptor.SdkInternalExecutionAttribute.SELECTED_AUTH_SCHEME; import java.net.URI; import java.time.Clock; @@ -32,6 +31,7 @@ import software.amazon.awssdk.core.SelectedAuthScheme; import software.amazon.awssdk.core.client.config.SdkClientConfiguration; import software.amazon.awssdk.core.client.config.SdkClientOption; +import software.amazon.awssdk.core.http.auth.AuthSchemeResolver; import software.amazon.awssdk.core.interceptor.Context; import software.amazon.awssdk.core.interceptor.ExecutionAttributes; import software.amazon.awssdk.core.interceptor.ExecutionInterceptor; @@ -106,7 +106,7 @@ public final SdkHttpRequest modifyHttpRequest(Context.ModifyHttpRequest context, return request.toBuilder().removeQueryParameter(PARAM_SOURCE_REGION).build(); } - SelectedAuthScheme selectedAuthScheme = executionAttributes.getAttribute(SELECTED_AUTH_SCHEME); + SelectedAuthScheme selectedAuthScheme = resolveAuthScheme(context.request(), executionAttributes); String sourceRegion = presignableRequest.getSourceRegion(); String destinationRegion = selectedAuthScheme.authSchemeOption().signerProperty(AwsV4HttpSigner.REGION_NAME); URI endpoint = createEndpoint(sourceRegion, SERVICE_NAME, executionAttributes); @@ -118,7 +118,7 @@ public final SdkHttpRequest modifyHttpRequest(Context.ModifyHttpRequest context, .removeQueryParameter(PARAM_SOURCE_REGION) .build(); - requestToPresign = sraPresignRequest(executionAttributes, requestToPresign, sourceRegion); + requestToPresign = sraPresignRequest(selectedAuthScheme, requestToPresign, sourceRegion); String presignedUrl = requestToPresign.getUri().toString(); @@ -129,6 +129,14 @@ public final SdkHttpRequest modifyHttpRequest(Context.ModifyHttpRequest context, .build(); } + /** + * Resolves the auth scheme from execution attributes, applying any request-level credential overrides. + */ + private SelectedAuthScheme resolveAuthScheme(SdkRequest request, + ExecutionAttributes executionAttributes) { + return AuthSchemeResolver.resolveAuthScheme(request, executionAttributes); + } + /** * Adapts the request to the {@link PresignableRequest}. * @@ -159,11 +167,8 @@ private PresignableRequest toPresignableRequest(SdkHttpRequest request, Context. /** * Presign the provided HTTP request using SRA HttpSigner */ - private SdkHttpFullRequest sraPresignRequest(ExecutionAttributes executionAttributes, SdkHttpFullRequest request, + private SdkHttpFullRequest sraPresignRequest(SelectedAuthScheme selectedAuthScheme, SdkHttpFullRequest request, String signingRegion) { - SelectedAuthScheme selectedAuthScheme = executionAttributes.getAttribute(SELECTED_AUTH_SCHEME); - - Instant signingInstant; if (signingClockOverride != null) { signingInstant = signingClockOverride.instant(); diff --git a/services/ec2/src/main/java/software/amazon/awssdk/services/ec2/transform/internal/GeneratePreSignUrlInterceptor.java b/services/ec2/src/main/java/software/amazon/awssdk/services/ec2/transform/internal/GeneratePreSignUrlInterceptor.java index a4ebd7265773..acfc4546e5ac 100644 --- a/services/ec2/src/main/java/software/amazon/awssdk/services/ec2/transform/internal/GeneratePreSignUrlInterceptor.java +++ b/services/ec2/src/main/java/software/amazon/awssdk/services/ec2/transform/internal/GeneratePreSignUrlInterceptor.java @@ -15,7 +15,6 @@ package software.amazon.awssdk.services.ec2.transform.internal; -import static software.amazon.awssdk.core.interceptor.SdkInternalExecutionAttribute.SELECTED_AUTH_SCHEME; import java.net.URI; import java.time.Clock; @@ -32,6 +31,7 @@ import software.amazon.awssdk.core.client.config.SdkClientConfiguration; import software.amazon.awssdk.core.client.config.SdkClientOption; import software.amazon.awssdk.core.exception.SdkClientException; +import software.amazon.awssdk.core.http.auth.AuthSchemeResolver; import software.amazon.awssdk.core.interceptor.Context; import software.amazon.awssdk.core.interceptor.ExecutionAttributes; import software.amazon.awssdk.core.interceptor.ExecutionInterceptor; @@ -131,7 +131,7 @@ public SdkHttpRequest modifyHttpRequest(Context.ModifyHttpRequest context, Execu .build(); URI presignedUrl = - sraPresignRequest(executionAttributes, requestForPresigning, sourceRegion); + sraPresignRequest(context.request(), executionAttributes, requestForPresigning, sourceRegion); return request.toBuilder() .putRawQueryParameter("DestinationRegion", destinationRegion) @@ -142,9 +142,14 @@ public SdkHttpRequest modifyHttpRequest(Context.ModifyHttpRequest context, Execu return request; } - private URI sraPresignRequest(ExecutionAttributes executionAttributes, SdkHttpFullRequest request, - String signingRegion) { - SelectedAuthScheme selectedAuthScheme = executionAttributes.getAttribute(SELECTED_AUTH_SCHEME); + private SelectedAuthScheme resolveAuthScheme(SdkRequest request, + ExecutionAttributes executionAttributes) { + return AuthSchemeResolver.resolveAuthScheme(request, executionAttributes); + } + + private URI sraPresignRequest(SdkRequest sdkRequest, ExecutionAttributes executionAttributes, + SdkHttpFullRequest request, String signingRegion) { + SelectedAuthScheme selectedAuthScheme = resolveAuthScheme(sdkRequest, executionAttributes); Instant signingInstant; if (testClock != null) { signingInstant = testClock.instant(); diff --git a/services/ec2/src/test/java/software/amazon/awssdk/services/ec2/transform/internal/GeneratePreSignUrlInterceptorTest.java b/services/ec2/src/test/java/software/amazon/awssdk/services/ec2/transform/internal/GeneratePreSignUrlInterceptorTest.java index f7e03816e6b9..3ae2c4dc5c6e 100644 --- a/services/ec2/src/test/java/software/amazon/awssdk/services/ec2/transform/internal/GeneratePreSignUrlInterceptorTest.java +++ b/services/ec2/src/test/java/software/amazon/awssdk/services/ec2/transform/internal/GeneratePreSignUrlInterceptorTest.java @@ -25,17 +25,24 @@ import java.time.Instant; import java.time.ZoneId; import java.time.ZonedDateTime; +import java.util.Collections; +import java.util.Map; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner; import software.amazon.awssdk.auth.credentials.AwsBasicCredentials; +import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider; import software.amazon.awssdk.auth.signer.AwsSignerExecutionAttribute; import software.amazon.awssdk.core.interceptor.Context; import software.amazon.awssdk.core.interceptor.ExecutionAttributes; +import software.amazon.awssdk.core.interceptor.SdkInternalExecutionAttribute; import software.amazon.awssdk.http.SdkHttpFullRequest; import software.amazon.awssdk.http.SdkHttpMethod; import software.amazon.awssdk.http.SdkHttpRequest; +import software.amazon.awssdk.http.auth.aws.scheme.AwsV4AuthScheme; +import software.amazon.awssdk.http.auth.spi.scheme.AuthScheme; +import software.amazon.awssdk.identity.spi.IdentityProviders; import software.amazon.awssdk.services.ec2.model.CopySnapshotRequest; @RunWith(MockitoJUnitRunner.class) @@ -63,6 +70,7 @@ public void copySnapshotRequest_httpsProtocolAddedToEndpoint() { ExecutionAttributes attrs = new ExecutionAttributes(); attrs.putAttribute(AWS_CREDENTIALS, AwsBasicCredentials.create("foo", "bar")); attrs.putAttribute(AwsSignerExecutionAttribute.SERVICE_SIGNING_NAME, "ec2"); + addSraAttributes(attrs, AwsBasicCredentials.create("foo", "bar")); SdkHttpRequest modifiedRequest = INTERCEPTOR.modifyHttpRequest(mockContext, attrs); @@ -116,6 +124,7 @@ public void copySnapshotRequest_generatesCorrectPresignedUrl() { ExecutionAttributes attrs = new ExecutionAttributes(); attrs.putAttribute(AWS_CREDENTIALS, AwsBasicCredentials.create("akid", "skid")); attrs.putAttribute(AwsSignerExecutionAttribute.SERVICE_SIGNING_NAME, "ec2"); + addSraAttributes(attrs, AwsBasicCredentials.create("akid", "skid")); SdkHttpRequest modifiedRequest = interceptor.modifyHttpRequest(mockContext, attrs); @@ -123,4 +132,23 @@ public void copySnapshotRequest_generatesCorrectPresignedUrl() { assertThat(generatedPresignedUrl).isEqualTo(expectedPresignedUrl); } + + private static void addSraAttributes(ExecutionAttributes attrs, AwsBasicCredentials credentials) { + AwsV4AuthScheme authScheme = AwsV4AuthScheme.create(); + Map> authSchemes = Collections.singletonMap(authScheme.schemeId(), authScheme); + IdentityProviders identityProviders = IdentityProviders.builder() + .putIdentityProvider(StaticCredentialsProvider.create(credentials)) + .build(); + attrs.putAttribute(SdkInternalExecutionAttribute.AUTH_SCHEMES, authSchemes); + attrs.putAttribute(SdkInternalExecutionAttribute.IDENTITY_PROVIDERS, identityProviders); + attrs.putAttribute(SdkInternalExecutionAttribute.AUTH_SCHEME_OPTIONS_RESOLVER, + request -> Collections.singletonList( + software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption.builder() + .schemeId(authScheme.schemeId()) + .putSignerProperty(software.amazon.awssdk.http.auth.aws.signer.AwsV4FamilyHttpSigner + .SERVICE_SIGNING_NAME, "ec2") + .putSignerProperty(software.amazon.awssdk.http.auth.aws.signer.AwsV4HttpSigner + .REGION_NAME, "us-west-2") + .build())); + } } diff --git a/services/neptune/src/main/java/software/amazon/awssdk/services/neptune/internal/RdsPresignInterceptor.java b/services/neptune/src/main/java/software/amazon/awssdk/services/neptune/internal/RdsPresignInterceptor.java index 34f8fe30247c..1ff7adf4221d 100644 --- a/services/neptune/src/main/java/software/amazon/awssdk/services/neptune/internal/RdsPresignInterceptor.java +++ b/services/neptune/src/main/java/software/amazon/awssdk/services/neptune/internal/RdsPresignInterceptor.java @@ -15,7 +15,6 @@ package software.amazon.awssdk.services.neptune.internal; -import static software.amazon.awssdk.core.interceptor.SdkInternalExecutionAttribute.SELECTED_AUTH_SCHEME; import java.net.URI; import java.time.Clock; @@ -32,6 +31,7 @@ import software.amazon.awssdk.core.SelectedAuthScheme; import software.amazon.awssdk.core.client.config.SdkClientConfiguration; import software.amazon.awssdk.core.client.config.SdkClientOption; +import software.amazon.awssdk.core.http.auth.AuthSchemeResolver; import software.amazon.awssdk.core.interceptor.Context; import software.amazon.awssdk.core.interceptor.ExecutionAttributes; import software.amazon.awssdk.core.interceptor.ExecutionInterceptor; @@ -51,7 +51,6 @@ import software.amazon.awssdk.services.neptune.model.NeptuneRequest; import software.amazon.awssdk.utils.CompletableFutureUtils; - /** * Abstract pre-sign handler that follows the pre-signing scheme outlined in the 'RDS Presigned URL for Cross-Region Copying' * SEP. @@ -107,7 +106,7 @@ public final SdkHttpRequest modifyHttpRequest(Context.ModifyHttpRequest context, return request.toBuilder().removeQueryParameter(PARAM_SOURCE_REGION).build(); } - SelectedAuthScheme selectedAuthScheme = executionAttributes.getAttribute(SELECTED_AUTH_SCHEME); + SelectedAuthScheme selectedAuthScheme = resolveAuthScheme(context.request(), executionAttributes); String sourceRegion = presignableRequest.getSourceRegion(); String destinationRegion = selectedAuthScheme.authSchemeOption().signerProperty(AwsV4HttpSigner.REGION_NAME); URI endpoint = createEndpoint(sourceRegion, SERVICE_NAME, executionAttributes); @@ -119,7 +118,7 @@ public final SdkHttpRequest modifyHttpRequest(Context.ModifyHttpRequest context, .removeQueryParameter(PARAM_SOURCE_REGION) .build(); - requestToPresign = sraPresignRequest(executionAttributes, requestToPresign, sourceRegion); + requestToPresign = sraPresignRequest(selectedAuthScheme, requestToPresign, sourceRegion); String presignedUrl = requestToPresign.getUri().toString(); @@ -130,6 +129,14 @@ public final SdkHttpRequest modifyHttpRequest(Context.ModifyHttpRequest context, .build(); } + /** + * Resolves the auth scheme from execution attributes, applying any request-level credential overrides. + */ + private SelectedAuthScheme resolveAuthScheme(SdkRequest request, + ExecutionAttributes executionAttributes) { + return AuthSchemeResolver.resolveAuthScheme(request, executionAttributes); + } + /** * Adapts the request to the {@link PresignableRequest}. * @@ -160,11 +167,8 @@ private PresignableRequest toPresignableRequest(SdkHttpRequest request, Context. /** * Presign the provided HTTP request using SRA HttpSigner */ - private SdkHttpFullRequest sraPresignRequest(ExecutionAttributes executionAttributes, SdkHttpFullRequest request, + private SdkHttpFullRequest sraPresignRequest(SelectedAuthScheme selectedAuthScheme, SdkHttpFullRequest request, String signingRegion) { - SelectedAuthScheme selectedAuthScheme = executionAttributes.getAttribute(SELECTED_AUTH_SCHEME); - - Instant signingInstant; if (signingClockOverride != null) { signingInstant = signingClockOverride.instant(); diff --git a/services/rds/src/main/java/software/amazon/awssdk/services/rds/internal/RdsPresignInterceptor.java b/services/rds/src/main/java/software/amazon/awssdk/services/rds/internal/RdsPresignInterceptor.java index 3e55f5ae9f24..f3b9cb723277 100644 --- a/services/rds/src/main/java/software/amazon/awssdk/services/rds/internal/RdsPresignInterceptor.java +++ b/services/rds/src/main/java/software/amazon/awssdk/services/rds/internal/RdsPresignInterceptor.java @@ -15,7 +15,6 @@ package software.amazon.awssdk.services.rds.internal; -import static software.amazon.awssdk.core.interceptor.SdkInternalExecutionAttribute.SELECTED_AUTH_SCHEME; import java.net.URI; import java.time.Clock; @@ -32,6 +31,7 @@ import software.amazon.awssdk.core.SelectedAuthScheme; import software.amazon.awssdk.core.client.config.SdkClientConfiguration; import software.amazon.awssdk.core.client.config.SdkClientOption; +import software.amazon.awssdk.core.http.auth.AuthSchemeResolver; import software.amazon.awssdk.core.interceptor.Context; import software.amazon.awssdk.core.interceptor.ExecutionAttributes; import software.amazon.awssdk.core.interceptor.ExecutionInterceptor; @@ -106,7 +106,7 @@ public final SdkHttpRequest modifyHttpRequest(Context.ModifyHttpRequest context, return request.toBuilder().removeQueryParameter(PARAM_SOURCE_REGION).build(); } - SelectedAuthScheme selectedAuthScheme = executionAttributes.getAttribute(SELECTED_AUTH_SCHEME); + SelectedAuthScheme selectedAuthScheme = resolveAuthScheme(context.request(), executionAttributes); String sourceRegion = presignableRequest.getSourceRegion(); String destinationRegion = selectedAuthScheme.authSchemeOption().signerProperty(AwsV4HttpSigner.REGION_NAME); URI endpoint = createEndpoint(sourceRegion, SERVICE_NAME, executionAttributes); @@ -118,7 +118,7 @@ public final SdkHttpRequest modifyHttpRequest(Context.ModifyHttpRequest context, .removeQueryParameter(PARAM_SOURCE_REGION) .build(); - requestToPresign = sraPresignRequest(executionAttributes, requestToPresign, sourceRegion); + requestToPresign = sraPresignRequest(selectedAuthScheme, requestToPresign, sourceRegion); String presignedUrl = requestToPresign.getUri().toString(); @@ -129,6 +129,14 @@ public final SdkHttpRequest modifyHttpRequest(Context.ModifyHttpRequest context, .build(); } + /** + * Resolves the auth scheme from execution attributes, applying any request-level credential overrides. + */ + private SelectedAuthScheme resolveAuthScheme(SdkRequest request, + ExecutionAttributes executionAttributes) { + return AuthSchemeResolver.resolveAuthScheme(request, executionAttributes); + } + /** * Adapts the request to the {@link PresignableRequest}. * @@ -148,7 +156,6 @@ private PresignableRequest toPresignableRequest(SdkHttpRequest request, Context. if (request.firstMatchingRawQueryParameter(PARAM_PRESIGNED_URL).isPresent()) { return null; } - PresignableRequest presignableRequest = adaptRequest(requestClassToPreSign.cast(originalRequest)); String sourceRegion = presignableRequest.getSourceRegion(); if (sourceRegion == null) { @@ -160,9 +167,8 @@ private PresignableRequest toPresignableRequest(SdkHttpRequest request, Context. /** * Presign the provided HTTP request using SRA HttpSigner */ - private SdkHttpFullRequest sraPresignRequest(ExecutionAttributes executionAttributes, SdkHttpFullRequest request, + private SdkHttpFullRequest sraPresignRequest(SelectedAuthScheme selectedAuthScheme, SdkHttpFullRequest request, String signingRegion) { - SelectedAuthScheme selectedAuthScheme = executionAttributes.getAttribute(SELECTED_AUTH_SCHEME); Instant signingInstant; if (signingClockOverride != null) { signingInstant = signingClockOverride.instant(); diff --git a/services/s3/src/main/java/software/amazon/awssdk/services/s3/S3Utilities.java b/services/s3/src/main/java/software/amazon/awssdk/services/s3/S3Utilities.java index 4f41247a84c1..e5f4d07df7e3 100644 --- a/services/s3/src/main/java/software/amazon/awssdk/services/s3/S3Utilities.java +++ b/services/s3/src/main/java/software/amazon/awssdk/services/s3/S3Utilities.java @@ -38,8 +38,8 @@ import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; import software.amazon.awssdk.awscore.endpoint.DualstackEnabledProvider; import software.amazon.awssdk.awscore.endpoint.FipsEnabledProvider; -import software.amazon.awssdk.awscore.internal.defaultsmode.DefaultsModeConfiguration; import software.amazon.awssdk.awscore.endpoints.AwsEndpointProviderUtils; +import software.amazon.awssdk.awscore.internal.defaultsmode.DefaultsModeConfiguration; import software.amazon.awssdk.core.ClientEndpointProvider; import software.amazon.awssdk.core.ClientType; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; @@ -518,7 +518,7 @@ private SdkHttpRequest resolveEndpointAndApply(GetObjectRequest request, SdkHttp ClientEndpointProvider clientEndpointProvider = executionAttributes.getAttribute(SdkInternalExecutionAttribute.CLIENT_ENDPOINT_PROVIDER); SdkHttpRequest result = AwsEndpointProviderUtils.setUri(httpRequest, - clientEndpointProvider.clientEndpoint(), endpoint.url()); + clientEndpointProvider.clientEndpoint(), endpoint.url()); if (!endpoint.headers().isEmpty()) { SdkHttpRequest.Builder builder = result.toBuilder(); diff --git a/services/s3/src/main/java/software/amazon/awssdk/services/s3/internal/signing/DefaultS3Presigner.java b/services/s3/src/main/java/software/amazon/awssdk/services/s3/internal/signing/DefaultS3Presigner.java index 143c91be4826..d40ad32c01c2 100644 --- a/services/s3/src/main/java/software/amazon/awssdk/services/s3/internal/signing/DefaultS3Presigner.java +++ b/services/s3/src/main/java/software/amazon/awssdk/services/s3/internal/signing/DefaultS3Presigner.java @@ -44,10 +44,10 @@ import software.amazon.awssdk.awscore.defaultsmode.DefaultsMode; import software.amazon.awssdk.awscore.endpoint.AwsClientEndpointProvider; import software.amazon.awssdk.awscore.endpoints.AwsEndpointAttribute; +import software.amazon.awssdk.awscore.endpoints.AwsEndpointProviderUtils; import software.amazon.awssdk.awscore.endpoints.authscheme.EndpointAuthScheme; import software.amazon.awssdk.awscore.internal.AwsExecutionContextBuilder; import software.amazon.awssdk.awscore.internal.defaultsmode.DefaultsModeConfiguration; -import software.amazon.awssdk.awscore.endpoints.AwsEndpointProviderUtils; import software.amazon.awssdk.awscore.presigner.PresignRequest; import software.amazon.awssdk.awscore.presigner.PresignedRequest; import software.amazon.awssdk.core.ClientEndpointProvider; @@ -62,6 +62,7 @@ import software.amazon.awssdk.core.client.config.SdkClientOption; import software.amazon.awssdk.core.exception.SdkClientException; import software.amazon.awssdk.core.http.ExecutionContext; +import software.amazon.awssdk.core.http.auth.AuthSchemeResolver; import software.amazon.awssdk.core.identity.SdkIdentityProperty; import software.amazon.awssdk.core.interceptor.ClasspathInterceptorChainFactory; import software.amazon.awssdk.core.interceptor.ExecutionAttributes; @@ -70,7 +71,6 @@ import software.amazon.awssdk.core.interceptor.InterceptorContext; import software.amazon.awssdk.core.interceptor.SdkExecutionAttribute; import software.amazon.awssdk.core.interceptor.SdkInternalExecutionAttribute; -import software.amazon.awssdk.core.internal.http.auth.AuthSchemeResolver; import software.amazon.awssdk.core.signer.Presigner; import software.amazon.awssdk.core.signer.Signer; import software.amazon.awssdk.core.sync.RequestBody;