Merge branch 'main' into RFC30/serde-decorator

Author: thomas-k-cameron

CHANGELOG.next.toml

@@ -17,3 +17,9 @@ author = "rcoh"
 references = ["smithy-rs#2612"]
 meta = { "breaking" = false, "tada" = false, "bug" = false }
 
+
+[[smithy-rs]]
+message = "Implement `Ord` and `PartialOrd` for `DateTime`."
+author = "henriiik"
+references = ["smithy-rs#2653"]
+meta = { "breaking" = false, "tada" = false, "bug" = false }

aws/rust-runtime/aws-runtime/src/auth.rs

@@ -11,11 +11,10 @@ pub mod sigv4 {
         SignableRequest, SignatureLocation, SigningParams, SigningSettings,
         UriPathNormalizationMode,
     };
-    use aws_smithy_http::property_bag::PropertyBag;
+    use aws_smithy_runtime_api::client::auth::{AuthSchemeId, HttpAuthScheme, HttpRequestSigner};
     use aws_smithy_runtime_api::client::identity::{Identity, IdentityResolver, IdentityResolvers};
-    use aws_smithy_runtime_api::client::orchestrator::{
-        BoxError, HttpAuthScheme, HttpRequest, HttpRequestSigner,
-    };
+    use aws_smithy_runtime_api::client::orchestrator::{BoxError, ConfigBagAccessors, HttpRequest};
+    use aws_smithy_runtime_api::config_bag::ConfigBag;
     use aws_types::region::SigningRegion;
     use aws_types::SigningService;
     use std::time::{Duration, SystemTime};
@@ -24,7 +23,7 @@ pub mod sigv4 {
         `expires_in` duration because the credentials used to sign it will expire first.";
 
     /// Auth scheme ID for SigV4.
-    pub const SCHEME_ID: &str = "sigv4";
+    pub const SCHEME_ID: AuthSchemeId = AuthSchemeId::new("sigv4");
 
     /// SigV4 auth scheme.
     #[derive(Debug, Default)]
@@ -40,7 +39,7 @@ pub mod sigv4 {
     }
 
     impl HttpAuthScheme for SigV4HttpAuthScheme {
-        fn scheme_id(&self) -> &'static str {
+        fn scheme_id(&self) -> AuthSchemeId {
             SCHEME_ID
         }
 
@@ -88,8 +87,6 @@ pub mod sigv4 {
         pub signing_optional: bool,
         /// Optional expiration (for presigning)
         pub expires_in: Option<Duration>,
-        /// Timestamp to sign with.
-        pub request_timestamp: SystemTime,
     }
 
     impl Default for SigningOptions {
@@ -103,7 +100,6 @@ pub mod sigv4 {
                 signature_type: HttpSignatureType::HttpRequestHeaders,
                 signing_optional: false,
                 expires_in: None,
-                request_timestamp: SystemTime::now(),
             }
         }
     }
@@ -168,11 +164,11 @@ pub mod sigv4 {
             settings: SigningSettings,
             credentials: &'a Credentials,
             operation_config: &'a SigV4OperationSigningConfig,
+            request_timestamp: SystemTime,
         ) -> SigningParams<'a> {
             if let Some(expires_in) = settings.expires_in {
                 if let Some(creds_expires_time) = credentials.expiry() {
-                    let presigned_expires_time =
-                        operation_config.signing_options.request_timestamp + expires_in;
+                    let presigned_expires_time = request_timestamp + expires_in;
                     if presigned_expires_time > creds_expires_time {
                         tracing::warn!(EXPIRATION_WARNING);
                     }
@@ -184,7 +180,7 @@ pub mod sigv4 {
                 .secret_key(credentials.secret_access_key())
                 .region(operation_config.region.as_ref())
                 .service_name(operation_config.service.as_ref())
-                .time(operation_config.signing_options.request_timestamp)
+                .time(request_timestamp)
                 .settings(settings);
             builder.set_security_token(credentials.session_token());
             builder.build().expect("all required fields set")
@@ -196,12 +192,12 @@ pub mod sigv4 {
             &self,
             request: &mut HttpRequest,
             identity: &Identity,
-            // TODO(enableNewSmithyRuntime): should this be the config bag?
-            signing_properties: &PropertyBag,
+            config_bag: &ConfigBag,
         ) -> Result<(), BoxError> {
-            let operation_config = signing_properties
+            let operation_config = config_bag
                 .get::<SigV4OperationSigningConfig>()
                 .ok_or("missing operation signing config for SigV4")?;
+            let request_time = config_bag.request_time().unwrap_or_default().system_time();
 
             let credentials = if let Some(creds) = identity.data::<Credentials>() {
                 creds
@@ -213,7 +209,8 @@ pub mod sigv4 {
             };
 
             let settings = Self::settings(operation_config);
-            let signing_params = Self::signing_params(settings, credentials, operation_config);
+            let signing_params =
+                Self::signing_params(settings, credentials, operation_config, request_time);
 
             let (signing_instructions, _signature) = {
                 // A body that is already in memory can be signed directly. A body that is not in memory
@@ -283,17 +280,16 @@ pub mod sigv4 {
                     signature_type: HttpSignatureType::HttpRequestHeaders,
                     signing_optional: false,
                     expires_in: None,
-                    request_timestamp: now,
                     payload_override: None,
                 },
             };
-            SigV4HttpRequestSigner::signing_params(settings, &credentials, &operation_config);
+            SigV4HttpRequestSigner::signing_params(settings, &credentials, &operation_config, now);
             assert!(!logs_contain(EXPIRATION_WARNING));
 
             let mut settings = SigningSettings::default();
             settings.expires_in = Some(creds_expire_in + Duration::from_secs(10));
 
-            SigV4HttpRequestSigner::signing_params(settings, &credentials, &operation_config);
+            SigV4HttpRequestSigner::signing_params(settings, &credentials, &operation_config, now);
             assert!(logs_contain(EXPIRATION_WARNING));
         }
     }

aws/rust-runtime/aws-runtime/src/identity.rs

@@ -6,9 +6,9 @@
 /// Credentials-based identity support.
 pub mod credentials {
     use aws_credential_types::cache::SharedCredentialsCache;
-    use aws_smithy_http::property_bag::PropertyBag;
     use aws_smithy_runtime_api::client::identity::{Identity, IdentityResolver};
     use aws_smithy_runtime_api::client::orchestrator::{BoxError, Future};
+    use aws_smithy_runtime_api::config_bag::ConfigBag;
 
     /// Smithy identity resolver for AWS credentials.
     #[derive(Debug)]
@@ -24,7 +24,7 @@ pub mod credentials {
     }
 
     impl IdentityResolver for CredentialsIdentityResolver {
-        fn resolve_identity(&self, _identity_properties: &PropertyBag) -> Future<Identity> {
+        fn resolve_identity(&self, _config_bag: &ConfigBag) -> Future<Identity> {
             let cache = self.credentials_cache.clone();
             Future::new(Box::pin(async move {
                 let credentials = cache.as_ref().provide_cached_credentials().await?;

aws/sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/SigV4AuthDecorator.kt

@@ -102,10 +102,8 @@ private class AuthOperationRuntimePluginCustomization(private val codegenContext
         val runtimeApi = RuntimeType.smithyRuntimeApi(runtimeConfig)
         val awsRuntime = AwsRuntimeType.awsRuntime(runtimeConfig)
         arrayOf(
-            "AuthOptionListResolver" to runtimeApi.resolve("client::auth::option_resolver::AuthOptionListResolver"),
-            "HttpAuthOption" to runtimeApi.resolve("client::orchestrator::HttpAuthOption"),
+            "StaticAuthOptionResolver" to runtimeApi.resolve("client::auth::option_resolver::StaticAuthOptionResolver"),
             "HttpSignatureType" to awsRuntime.resolve("auth::sigv4::HttpSignatureType"),
-            "PropertyBag" to RuntimeType.smithyHttp(runtimeConfig).resolve("property_bag::PropertyBag"),
             "SIGV4_SCHEME_ID" to awsRuntime.resolve("auth::sigv4::SCHEME_ID"),
             "SigV4OperationSigningConfig" to awsRuntime.resolve("auth::sigv4::SigV4OperationSigningConfig"),
             "SigningOptions" to awsRuntime.resolve("auth::sigv4::SigningOptions"),
@@ -136,16 +134,15 @@ private class AuthOperationRuntimePluginCustomization(private val codegenContext
                         signing_options.normalize_uri_path = $normalizeUrlPath;
                         signing_options.signing_optional = $signingOptional;
                         signing_options.payload_override = #{payload_override};
-                        signing_options.request_timestamp = cfg.request_time().unwrap_or_default().system_time();
 
-                        let mut sigv4_properties = #{PropertyBag}::new();
-                        sigv4_properties.insert(#{SigV4OperationSigningConfig} {
+                        ${section.configBagName}.put(#{SigV4OperationSigningConfig} {
                             region: signing_region,
                             service: signing_service,
                             signing_options,
                         });
-                        let auth_option_resolver = #{AuthOptionListResolver}::new(
-                            vec![#{HttpAuthOption}::new(#{SIGV4_SCHEME_ID}, std::sync::Arc::new(sigv4_properties))]
+                        // TODO(enableNewSmithyRuntime): Make auth options additive in the config bag so that multiple codegen decorators can register them
+                        let auth_option_resolver = #{StaticAuthOptionResolver}::new(
+                            vec![#{SIGV4_SCHEME_ID}]
                         );
                         ${section.configBagName}.set_auth_option_resolver(auth_option_resolver);
                         """,

aws/sra-test/integration-tests/aws-sdk-s3/Cargo.toml

@@ -6,24 +6,20 @@ publish = false
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-aws-credential-types = { path = "../../../rust-runtime/aws-credential-types", features = ["test-util"] }
 aws-http = { path = "../../../rust-runtime/aws-http" }
 aws-runtime = { path = "../../../rust-runtime/aws-runtime" }
 aws-sdk-s3 = { path = "../../build/sdk/aws-sdk-s3", features = ["test-util"] }
-aws-sigv4 = { path = "../../../rust-runtime/aws-sigv4" }
-aws-types = { path = "../../../rust-runtime/aws-types" }
-aws-smithy-async = { path = "../../../../rust-runtime/aws-smithy-async", features = ["rt-tokio"] }
 aws-smithy-client = { path = "../../../../rust-runtime/aws-smithy-client", features = ["test-util", "rustls"] }
-aws-smithy-types = { path = "../../../../rust-runtime/aws-smithy-types" }
-aws-smithy-http = { path = "../../../../rust-runtime/aws-smithy-http" }
-aws-smithy-runtime = { path = "../../../../rust-runtime/aws-smithy-runtime", features = ["test-util"] }
 aws-smithy-runtime-api = { path = "../../../../rust-runtime/aws-smithy-runtime-api" }
+aws-types = { path = "../../../rust-runtime/aws-types" }
 criterion = { version = "0.4", features = ["async_tokio"] }
+http = "0.2.3"
+http-body = "0.4.5"
+last-release-smithy-client = { version = "0.55", package = "aws-smithy-client", features = ["test-util", "rustls"] }
+last-release-s3 = { version = "0.26", package = "aws-sdk-s3", features = ["test-util"] }
 tokio = { version = "1.23.1", features = ["macros", "test-util", "rt-multi-thread"] }
 tracing = "0.1.37"
 tracing-subscriber = { version = "0.3.15", features = ["env-filter", "json"] }
-http = "0.2.3"
-http-body = "0.4.5"
 
 [profile.release]
 debug = 1